Quinn Yan's repositories
golang-shellcode-bypassav
2021.12.9 使用go语言免杀360、微软、腾讯、火绒
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
presentations
Presentations from the CX Security Labs team
EDR_Detector
EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
AH2021Workshop
Malware development for red teaming workshop
VisualBasicObfuscator
Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
InCloud
运行于GitHub Actions 的仓库中自动化、自定义和执行软件开发工作流程,可以自己根据喜好定制功能,InCloud已经为您定制好了十种针对网段和域名的不同场景的信息收集与漏洞扫描流程。
OneForAll-WebUI
OneForAll-WebUI
AWAE-OSWE_Prep
Bunch of resources and write ups for the OSWE exam and certification.
Exploit-Dev-OSCE
Exploit Development, backdooring PE, bypassing Anti-Virus (AV), assembly shellcoding
CSSG
Cobalt Strike Shellcode Generator
GoYiyi
提供一个Golang 的bypass AV 思路。
bypass-BeaconEye
bypass BeaconEye
OSCE-Complete-Guide
OSWE, OSEP, OSED
CodeReview
代码审计总结
Vehicle-Security-Toolkit
汽车安全测试工具集
UDPlant
UDP implant
ctf-book
CTF竞赛权威指南(Pwn篇) 相关资源
OSWE-Labs-Poc
Dockerized labs For Web Expert (OSWE) certification. Preparation for coming AWAE Training ...
Fastjson
Fastjson姿势技巧集合
red-tldr
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.
Tips-for-Geek
记录工作中遇到的一些小知识小技巧
OSCE-1
Collection of Windows usermode exploits targeting various third-party software applications, these exploits were written in preparation for the Offsec CTP/OSCE certification
OSWE-Prep
Useful tips and resources for preparing for the AWAE exam.