abcheroworld's repositories
airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
ARL2
ARL官方仓库备份项目+指纹添加工具:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
chromedb
Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.
Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
CVE-2024-27198-RCE
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4
deluder
Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
DNS-Tunnel-Keylogger
Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes.
Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
no-defender
A slightly more fun way to disable windows defender. (through the WSC api)
edr-internals
Tools for analyzing EDR agents
fileless-elf-exec
Execute ELF files without dropping them on disk
fs
符合个人渗透开发习惯的fscan
glider
glider is a forward proxy with multiple protocols support, and also a dns/dhcp server with ipset management features(like dnsmasq).
nekoray
Qt based cross-platform GUI proxy configuration manager (backend: sing-box)
nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
oneshell
Reverse shell listener and payload generator designed to work on most Linux targets
PocOrExp_in_Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
pretender
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Pyramid
a tool to help operate in EDRs' blind spots
RdpStrike
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Shelter
ROP-based sleep obfuscation to evade memory scanners
skyhook
A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.
smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
tl-rtc-file
WebRTC P2P online web media streaming tool (for files, video, screen, live streaming, text) with management and statistical monitoring capabilities.
wedgeberry
Interactive terminal based tool to configure a Raspberry Pi into a transparent Wifi based proxy with traffic tunnelling support
XiebroC2
Go编写的多人运动渗透测试图形化框架、支持lua插件扩展、自定义多个模块、自定义shellcode、文件管理、进程管理、内存加载、反向代理等功能
XPost
A Post Exploitation Tool for High Value Systems