RedTeam
gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications
share some useful archives about vm and qemu escape exploit.
Tool for Active Directory Certificate Services enumeration and abuse
Top disclosed reports from HackerOne
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
This map lists the essential techniques to bypass anti-virus and EDR
Community curated list of templates for the nuclei engine to find security vulnerabilities.
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
A collaborative, multi-platform, red teaming framework
This repository contains complete resources and coding practices for malware development using Rust 🦀.
CodeQL zero to hero blog post series challenges
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
👻Stowaway -- Multi-hop Proxy Tool for pentesters
A command and control framework written in rust.
4个 .soap 版本的WebShell(持续更新维护),优点:可以运行于子目录,突破了过去只能运行于根目录的限制。4个脚本分别支持调用cmd.exe/哥斯拉/冰蝎/天蝎 客户端。
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…