ShenMingF's starred repositories
GetWindowsCredentials
通过WindowsAPI获取用户凭证,并保存到文件中
CobaltWhispers
CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWhispers2) to bypass EDR/AV
CloudKeyKiller
阿里云AK泄露利用工具
RevokeMsgPatcher
:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁(我已经看到了,撤回也没用了)
HackReport
渗透测试报告/资料文档/渗透经验文档/安全书籍
C2concealer
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
ssti-payloads
🎯 Server Side Template Injection Payloads
PassTheChallenge
Recovering NTLM hashes from Credential Guard
WAF-bypass-xss-payloads
XSS payloads for bypassing WAF. This repository is updating continuously.
SchTask_0x727
创建隐藏计划任务,权限维持,Bypass AV
ASRenum-BOF
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
FileCodeBox
文件快递柜-匿名口令分享文本,文件,像拿快递一样取文件(FileCodeBox - File Express Cabinet - Anonymous Passcode Sharing Text, Files, Like Taking Express Delivery for Files)
PowerShdll
Run PowerShell with rundll32. Bypass software restrictions.
403-bypass
403-bypass tool to bypass 403 responses.
Shhhloader
Syscall Shellcode Loader (Work in Progress)
bof-collection
Collection of Beacon Object Files (BOF) for Cobalt Strike