SkyBulk

ViperVenom

ViperVenom - Listener & Spyware Tool Developed and Maintained By Revise7

Huan-loader

Encrypted PE Loader Generator

OSEP-Tooling

Tooling I utilized within the PEN300 training labs

2021-Summer-Some-Day-Exploit

4-ZERO-3

403/401 Bypass Methods + Bash Automation + Your Support ;)

Anti-Virus-Evading-Payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

BeaconEye

Hunts out CobaltStrike beacons and logs operator command output

byob

An open-source post-exploitation framework for students, researchers and developers.

bypassAV-1

借助Win-PS2EXE项目编写cna脚本方便快速生成免杀可执行文件

C2_Server_Encrypted_-_Advance

Python C2 server advance and encrypted but in development Phase

Detection-Ideas-Rules

Detection Ideas & Rules repository.

DFIR_Resources_REvil_Kaseya

Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack

DOD_STD_DRIVE_ERASE

Repository for my in-progress DOD standard drive erasure software in the Windows API for x86 and x86_64 with VS2010 and VS2019

DongTai-agent-java

“火线～洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具，可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。

hashview

A web front-end for password cracking and analytics

HexraysToolbox

Hexrays Toolbox - Find code patterns within the Hexrays AST

managers-playbook

:book: Heuristics for effective management

MsfMania

Python AV Evasion Tools

osed-automation

automation for osed course

PageTableInjection

Code Injection, Inject malicious payload via pagetables pml4.

PayloadAutomation

pharos

Automated static analysis tools for binary programs

PickleC2

PickleC2 is a post-exploitation and lateral movements framework

PickleC2-Documentation

This repo for PickleC2 Documentation

playbooks

Phantom Community Playbooks

post-attack

后渗透：免杀、代理、横向

shellcode_inject

inject and run code into arbitrary process (only x86)

tmc

Threat Mapping Catalogue

YoutubeAsAC2

Poc of using youtube comments for C2 communications

zuthaka

Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task of managing different APTs and other post-exploitation tools.