8848's starred repositories
java-memshell-scanner
通过jsp脚本扫描并查杀Tomcat内存马,当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。
SessionExec
Execute commands in other Sessions
ChromeKatz
Dump cookies and credentials directly from Chrome/Edge process memory
UserRegEnum_0x727
域内普通域用户权限查找域内所有计算机上登录的用户
CoercedPotatoRDLL
Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
SharpTokenFinder
C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
SharpToken
Windows Token Stealing Expert
cloudTools
云资产管理工具 目前工具定位是云安全相关工具,目前是两个模块 云存储工具、云服务工具, 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务工具主要是针对rds、服务器的管理,查看、执行命令、接管等等
SharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.
EDRSandblast-GodFault
EDRSandblast-GodFault
SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts
Jenkins_Credentials_Crack
Jenkins凭据解密脚本,增加对publish_over_ssh插件支持
impacket-gui
impacket-gui
MagnusKatz
Research project for understanding how Mimikatz work and become better at C
SharpShellPipe
This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.
Reg-Restore-Persistence-Mole
a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Callback of sysmon driver filter. RegSaveKeyExW() and RegRestoreKeyW() API which is not included in monitoring. This POC will use
Amsi_Bypass_In_2023
Amsi Bypass payload that works on Windwos 11
Supershell
Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell
RandomTSScripts
Collection of random RedTeam scripts.
Databasetools
一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
Upload_Bypass
A simple tool for bypassing file upload restrictions.