Stars
A high-value vulnerability collection and push service | Collect valuable vulnerabilities and push them to various services
Provides a practical interactive interface for GPT/GLM and other large language models, specially optimized for reading, polishing and writing papers. Modular design; supports custom quick buttons and function plugins; supports analysis and self-interpretation of Python and C++ projects; PDF/LaTeX paper translation and summarization; supports querying multiple LLM models in parallel; supports local models such as chatglm3. Integrates 通义千问 (Tongyi Qianwen), deepseekcoder, 讯飞星火 (iFlytek Spark), 文心一言 (ERNIE Bot), llama2, rwkv, claude2, m…
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
Kraken, a modular multi-language webshell coded by @secu_x11
This project is aimed at freely providing technical guides on various hacking topics.
The cheat sheet about Java Deserialization vulnerabilities
This map lists the essential techniques to bypass anti-virus and EDR
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
a rep for documenting my study, may be from 0 to 0.1
Tools and Techniques for Blue Team / Incident Response
a simple tool to detect potential security threats in php code
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
Collection of malware source code for a variety of platforms in an array of different programming languages.
Interesting APT Report Collection And Some Special IOCs
Veil Evasion is no longer supported, use Veil 3.0!
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
scalpel is a command-line vulnerability scanning tool that supports deep parameter injection. It has a powerful data parsing and mutation algorithm that parses common data formats (json, xml, form, etc.) into a tree structure and then mutates the tree according to the rules in the PoC, including mutation of leaf nodes and of the tree structure itself. After mutation, the tree is converted back into the original data format.
RedEye is a visual analytic tool supporting Red & Blue Team operations
Full text of the article Attack Code. Security and development always have concomitant attributes, especially in the cloud security field; this article is intended as introductory cloud security material to help readers. Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true wit…
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Some internal network penetration TIPS compiled in early 2018; later updates were slow, so I organized them here hoping to update and maintain them together with everyone~
[WIP] Organizing past talks: Kubernetes attack and defense from scratch 🧐
Enumerate and disable common sources of telemetry used by AV/EDR.
A small tool that allows to run WinAPI functions through command line parameters