#
Lists (1)
Starred repositories
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
socks5 server in pure Golang with much custom optional. Full TCP/UDP and IPv4/IPv6 support.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Deserialization payload generator for a variety of .NET formatters
PDFsam, a desktop application to split, merge, mix, rotate PDF files and extract pages
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app
A bridge/proxy allowing you to connect to Minecraft: Java Edition servers with Minecraft: Bedrock Edition.
exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF
Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).
Controlled TCP-over-WebSocket forwarding tunnel.
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
【Hello CTF】专为CTF比赛封装的虚拟机,基于工具集封装多个版本和系统,更多选择,开箱即用。比赛愉快!
Collecting and writing PoC or EXP for vulnerabilities on some application
Obfusheader.h is a portable header file for C++14 compile-time obfuscation.
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
一款基于go的windows信息收集工具,主要收集目标机器rdp端口、mstsc远程连接记录、mstsc密码和安全事件中4624、4625登录事件记录
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
