GKDshell's repositories
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
bottleneckOsmosis
瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
BypassAV
Cobalt Strike插件,用于快速生成免杀的可执行文件
bypassAV-1
免杀shellcode加载器
BypassAv-web
nim一键免杀
Crawlergo_x_Rad_x_XRAY
rad加crawlergo爬虫,查漏补缺
CVE-2020-0787-EXP-ALL-WINDOWS-VERSION
Support ALL Windows Version
Doge-XSS-Phishing
xss钓鱼,cna插件配合php后端收杆
go-packer
golang打包二进制进行免杀
GPS-Telephone-short-message
获取手机GPS定位 通讯录 短信 电话
InScan
边界打点后的自动化渗透工具
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
JsLoader
js免杀shellcode,绕过杀毒添加自启
LangSrcCurise
SRC子域名资产监控
Malleable-C2-Profiles
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Redis-Getshell
Redis 未授权检测,密码爆破,Webshell写入,SSH公私钥写入,定时计划反弹Shell.
SecondaryDevCobaltStrike
二次开发过后的CobaltStrike,版本为4.1.在原来CobaltStrike的基础上修改多处特征,解决流量查杀问题.
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
shellcodeloader
shellcodeloader
SimpleShellcodeInjector
SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.
SimpleXORshellcode
XOR shellcode,and use loader load it
Taie-AutoPhishing
剑指钓鱼基建快速部署自动化
TG_Session_Compress_Steal
steal Windows Telegram Desktop session
uuid_go_loder
bypass AV
YongYou
用友GRP-u8 注入POC