WhiteOdin's repositories
awesome-lists
Awesome Security lists for SOC/CERT/CTI
CVE-2023-38831-winrar-exploit
CVE-2023-38831 winrar exploit generator
CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
CVE-2024-27804
POC for CVE-2024-27804
CVE-2024-4577
CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.
CVE-2024-4577-PHP-RCE
全球首款利用PHP默认环境的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP,共享原创EXP,支持SSRF,支持绕过WAF。The world's first CVE-2024-4577 PHP-CGI RCE exploit utilizing the default PHP environment. Sharing original exploit, supports SSRF, supports WAF bypass.
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Havoc
The Havoc Framework.
IP-Hunter
Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
JimuReport
🔥「数据可视化报表工具」类似excel操作风格,在线拖拽完成报表设计!功能涵盖: 报表设计、图形报表、打印设计、大屏设计等,完全免费!秉承“简单、易用、专业”的产品理念,极大的降低报表开发难度、缩短开发周期、解决各类报表难题。
Kematian-Stealer
The best and completely open source Stealer
KnowledgeBase
Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
Linux-Incident-Response
practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
lux
👾 Fast and simple video download library and CLI tool written in Go
Malware
macOS Malware Collection
malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
MoYu
魔域挂机
Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
open-source-examples
开源实例系列镜像
pycdc
C++ python bytecode disassembler and decompiler
PyWxDump
SharpWxDump的Python语言版。微信客户端取证,可获取用户个人信息(昵称/账号/手机/邮箱/数据库密钥(用来解密聊天记录)),解密脚本,获取数据库脚本;持获取多用户信息,目前支持所有新版本、正式版版本
ransomwatch
the transparent ransomware claim tracker 🥷🏼🧅🖥️
RingQ
一款后渗透免杀工具,助力每一位像我这样的脚本小子快速实现免杀,支持bypass 360 火绒 Windows Defender
SigmaPotato
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
solsec
A collection of resources to study Solana smart contract security, auditing, and exploits.
VectorKernel
PoCs for Kernelmode rootkit techniques research.