RainClown's starred repositories
vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
TotalRegistry
Total Registry - enhanced Registry editor/viewer
XSS-Payloads
List of XSS Vectors/Payloads
Awesome-RedTeam-Cheatsheet
Red Team Cheatsheet in constant expansion.
redis-rogue-server
Redis(<=5.0.5) RCE
SecDictionary
实战沉淀字典
ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
AheadLib-x86-x64
hijack dll Source Code Generator. support x86/x64
SharpBeacon
CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
360SafeBrowsergetpass
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
ScopeSentry
ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点
BananaPhone
It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
gatherBurp
一款burp插件,请看简介
RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
javaeasyscan
javaeasyscanner - 富婆系列,代码审计辅助工具,致力于解放大脑,方便双手
Tampermonkey_cha11
渗透测试中常用油猴脚本