Beast code in Giters

ShenMingF's starred repositories

GetWindowsCredentials

通过WindowsAPI获取用户凭证，并保存到文件中

Language:C++19300

Locksmith

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Language:PowerShellNOASSERTION77300

CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWhispers2) to bypass EDR/AV

Language:CMIT21800

PSRansom

PowerShell Ransomware Simulator with C2 Server

Language:PowerShellGPL-3.045300

CloudKeyKiller

阿里云AK泄露利用工具

Language:Python5300

RevokeMsgPatcher

:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁（我已经看到了，撤回也没用了）

Language:C#GPL-3.02762600

jndi_tool

JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具

185200

sonic

A blazingly fast JSON serializing & deserializing library

Language:AssemblyApache-2.0656700

HackReport

渗透测试报告/资料文档/渗透经验文档/安全书籍

Language:Python231300

C2concealer

C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.

Language:PythonGPL-3.095100

ssti-payloads

🎯 Server Side Template Injection Payloads

MIT58300

PassTheChallenge

Recovering NTLM hashes from Credential Guard

Language:CMIT31800

crawlergo

A powerful browser crawler for web vulnerability scanners

Language:GoGPL-3.0278800

FCDN

通过域名批量查找没有使用 cdn、云waf、dmzweb的站点。

Language:Python8300

rad-xray

xray+rad批量主动扫描

Language:Python22400

DeimosC2

DeimosC2 is a Golang command and control framework for post-exploitation.

Language:VueMIT108200

WAF-bypass-xss-payloads

XSS payloads for bypassing WAF. This repository is updating continuously.

16900

SchTask_0x727

创建隐藏计划任务，权限维持，Bypass AV

Language:C#MIT50800

ASRenum-BOF

Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations

Language:C++13300

adconnectdump

Dump Azure AD Connect credentials for Azure AD and Active Directory

Language:Python57800

Assassin

Assassin是一款精简的基于命令行的webshell管理工具，它有着多种payload发送方式和编码方式，以及精简的payload代码，使得它成为隐蔽的暗杀者，难以被很好的防御。

Language:JavaApache-2.011500

rsmaker

基于rust的免杀、捆绑框架

Language:Rust13100

FileCodeBox

文件快递柜-匿名口令分享文本，文件，像拿快递一样取文件（FileCodeBox - File Express Cabinet - Anonymous Passcode Sharing Text, Files, Like Taking Express Delivery for Files）

Language:PythonLGPL-3.0364500

PowerShdll

Run PowerShell with rundll32. Bypass software restrictions.

Language:C#MIT173000

msmap

Msmap is a Memory WebShell Generator.

Language:PythonGPL-3.053700

403-bypass

403-bypass tool to bypass 403 responses.

Language:PythonMIT11200

Shhhloader

Syscall Shellcode Loader (Work in Progress)

Language:PythonGPL-3.0108200

SharpCmd

Re-implement cmd.exe using windows api

Language:C#MIT4900

bof-collection

Collection of Beacon Object Files (BOF) for Cobalt Strike

Language:C++16900