MrFk's starred repositories
zentaopms_poc
ZenTao-related PoC
CobaltWhispers
CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWhispers2) to bypass EDR/AV
520apkhook
Attach an Android remote-control APK to a regular app. When the newly generated app is launched, the regular app runs as normal while the remote-control client comes online seamlessly.
PassTheChallenge
Recovering NTLM hashes from Credential Guard
DirCreate2System
Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
SharpUserIP
Retrieve logon logs from servers or domain controllers
CVE-2022-27925
A loader for zimbra 2022 rce (cve-2022-27925)
ShadowSpray
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
PySQLTools
MSSQL exploitation tool
PassTheCert
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
LdapRelayScan
Check for LDAP protections regarding the relay of NTLM authentication
CreateUser
Add a user while bypassing 360 and Huorong
VcenterKiller
A comprehensive exploitation tool for vCenter covering the currently most common vulnerabilities: CVE-2021-21972, CVE-2021-21985 and CVE-2021-22005, One Access's CVE-2022-22954, CVE-2022-22972/31656, and log4j. Provides one-click webshell upload, command execution, or uploading a public key for passwordless SSH access.
CVE-2022-2992
Authenticated Remote Command Execution in Gitlab via GitHub import
CNVD-2022-42853
Front-end SQL injection in ZenTao Open Source 16.5 & 16.5beta1, Enterprise 6.5 & 6.5beta1, and Flagship 3.0 & 3.0beta1
AppInfoScanner
A mobile-side (Android, iOS, WEB, H5, static website) information-gathering scanner for HW operations, red teams and penetration-testing teams. It helps penetration testers, attack-team and red-team members quickly collect key asset information from mobile apps or static web sites and provides basic output such as Title, Domain, CDN, fingerprint information and status information.
IDA-Pro-tips
Weekly IDA Pro tips
go-memexec
Run code from memory