一个想帮你总结所有类型的上传漏洞的靶场

BOF to run PE in Cobalt Strike Beacon without console creation

template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.

Detects process injection and memory manipulation used by malware. Finds RWX regions, shellcode patterns, API hooks, thread hijacking, and process hollowing. Built in Rust for speed. Includes CLI a…

Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.

Go 代码混淆工具，使用 AST (抽象语法树) 技术实现跨文件的代码混淆，同时保证混淆后的代码可编译和可执行。

LDAP library for auditing MS AD

A little tool to play with Windows security

A x64 Position Independent Proxy Enumerator Shellcode (PIPES)

Extensible Position Independent Code – shellcode (C/C++) development and building toolkit designed for developer experience, predictability, and modularity.

Windows User-Mode Shellcode Development Framework (WUMSDF)

Stealthily inject shellcode into an executable

Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver

Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件

C++ Encrypted SSL/TLS REVERSE SHELL, designed to provide secure, encrypted communication between a compromised client and an attacker, while blending seamlessly into HTTP traffic.

A local testing ground covering common PHP code auditing topics. Organized similarly to DVWA/Pikachu, it includes an installation wizard and a tutorial.一个覆盖常见 PHP 代码审计知识点的本地靶场。参考 DVWA / Pikachu 的组织…

Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence

AI-Powered Autonomous Penetration Testing Platform - Built with Golang, featuring hundreds of built-in security tools, flexible custom tool extensions, and intelligent AI decision-making through MC…

Tool for playing with Windows Access Token manipulation.

关于我在CTF中的所有东西

A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily

PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads

Spartacus DLL/COM Hijacking Toolkit

Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data

Azure Data Exporter for BloodHound

BOF to steal Teams cookies

Magic hashes – PHP hash "collisions"

PC微信4.0.3.39以后版本HOOK获取dbkey

Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.