Hzllaga's starred repositories
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
hackerone-reports
Top disclosed reports from HackerOne
ShiroAttack2
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
captcha-killer-modified
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
redis-rogue-server
Redis(<=5.0.5) RCE
wmiexec-Pro
New generation of wmiexec.py
nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
SharpDllProxy
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
shiro-550-with-NoCC
Shiro-550 不依赖CC链利用工具
MagicSigner
Signtool for expired certificates
SharpToken
Windows Token Stealing Expert
awsKeyTools
AWS云平台 AccessKey 泄漏利用工具
Win-PS2EXE
Graphical frontend to PS1-to-EXE-compiler PS2EXE.ps1
RedisModules-ExecuteCommand
Tools, utilities and scripts to help you write redis modules!
reverse-sourcemap
:telescope: Reverse engineering JavaScript and CSS sources from sourcemaps
aws_consoler
A utility to convert your AWS CLI credentials into AWS console access.
php_filter_chains_oracle_exploit
A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.
sitemap_importer
sitemap_importer extension for Burp.