QAX A-Team

BrowserGhost

这是一个抓取浏览器密码的工具，后续会添加更多功能

LuWu

红队基础设施自动化部署工具

WeblogicEnvironment

Weblogic环境搭建工具

sharpwmi

sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。

EventCleaner

A tool mainly to erase specified records from Windows event logs, with additional functionalities.

CobaltStrike-Toolset

Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on

EventLogMaster

Cobalt Strike插件 - RDP日志取证&清除

ptrace

a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数，避开基于execve系统调用监控的命令日志

PandaSniper

Linux C2 框架demo，为期2周的”黑客编程马拉松“，从学习编程语言开始到实现一个demo的产物

HideShell

A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.

redis_lua_exploit

NtlmSocks

a pass-the-hash tool

SerialWriter

SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.

ptyshell

A reverse PTY shell in C

openssh-7.6p1-patch

a patched sshd for red team activities

getpass

a mini tool to dump password and NTLM hash from WDigest & MSV1_0 & tspkg, as a result of study of mimikatz

dcpwn

an impacket-dependent script exploiting CVE-2019-1040

mscache

a tool to manipulate dcc(domain cached credentials) in windows registry, based mainly on the work of mimikatz and impacket

KerberosUserEnum

Kerberos accounts enumeration taking advantage of AS-REQ

Papers

Papers

CVE-2018-20250

010 Editor template for ACE archive format & CVE-2018-2025[0-3]

sunburst_decoder

SUNBURST DGA decoder

cisco_ppc_rsp

A debugger in Python for Cisco c3560