N0ooooone

SharPersist

Fiora

Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。

crawlergo_x_XRAY

360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能

crawlergo

A powerful browser crawler for web vulnerability scanners

SpringBoot-Scan

针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

HackBrowserData

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

JNDInjector

一个高度可定制化的JNDI和Java反序列化利用工具

terminal

The new Windows Terminal and the original Windows console host, all in the same place!

CrossNet-Beta

红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。

woodpecker-framework-release

高危漏洞精准检测与深度利用框架

GUI_Tools

一个由各种图形化渗透工具组成的工具集

SysWhispers2

AV/EDR evasion via direct system calls.

Cooolis-ms

Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具，它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的代码，帮助红队人员更方便快捷的从Web容器环境切换到C2环境进一步进行工作。

vulbase

各大漏洞文库合集

Apache-Solr-RCE

Apache Solr Exploits 🌟

C-To-Shellcode-Examples

pwn_jenkins

Notes about attacking Jenkins servers

ScareCrow-CobaltStrike

Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)

shellcodeloader

shellcodeloader

EVA3

using hellsgate in EVA to get the syscalls

CandyPotato

Pure C++, weaponized, fully automated implementation of RottenPotatoNG

Red-Team-Infrastructure-Wiki

Wiki to collect Red Team infrastructure hardening resources

SigThief

Stealing Signatures and Making One Invalid Signature at a Time

azureOutlookC2

Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

MemoryModule

Load dll/exe from memory. Support .NET "AnyCPU" platform!

Cronos-Rootkit

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

BokuLoader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

nps

一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.

Stowaway

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Godzilla

哥斯拉