Stars
libAppleArchive exploit maker, read the writeup here https://snoolie.gay/blog/CVE-2024-27876
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
The repository will contain small but really helpful resources for macOS penetration testing.
[USENIX Security'24] Official repository of "Making Them Ask and Answer: Jailbreaking Large Language Models in Few Queries via Disguise and Reconstruction"
A system administration or post-exploitation script to automatically extract the BitLocker recovery keys from a domain.
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
A curated list of argument injection vectors
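CTF-NetA is a network traffic analysis tool built specifically for CTF competitions; it analyzes common network traffic and quickly and automatically retrieves the flag.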
A public collection of POCs & Exploits for the vulnerabilities I discovered
Minimal working example of transparent proxying with iptables TPROXY
ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, AI Prompt Engineering, Adversarial Machine Learning.
A collection of Server-Side Prototype Pollution gadgets and exploits
Kernel mode WinDbg extension and PoCs for token privilege investigation.
USB mouse traffic packet forensic tool, mainly used to draw mouse movements and dragging trajectories
An archive of descrypt hashes for common non-personal passwords
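A tool built on the APIs of major enterprise-information providers that addresses the various difficulties of collecting information on companies in China. It collects, aggregates and exports holding-company ICP filings, apps, mini programs, WeChat official accounts and similar information in one click. Supports MCP integration.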
This repo provides tools for FortiGate firmware rootfs decryption
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Windows Local Privilege Escalation Cookbook
POC for RCE vulnerability in ParseExcel library, and in ParseXLSX too, as a dependent library