大剑's repositories
sysMiniDumpWD
An LSASS dump tool using the MiniDumpWriteDump & syscall (NtOpenProcess) technique. Only tested on Windows 11 with Defender enabled :-)
cve-2023-21768-compiled
cve-2023-21768
shellcode_xor
shellcode obfuscation
signed-rundll
.exe files signed by microsoft, use it like rundll32 for evasion.
Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
Some_PE_Files
Some PE files for remote loading.
0day
EXPs and POCs for vulnerabilities in various CMSs, platforms, systems and software; this project will be continuously updated.
2023Hvv
2023 HVV intelligence updates~
Canteen
云食堂 (Cloud Canteen) smart canteen management system has an Alibaba Cloud OSS AccessKey leak issue
CRTInjection
example of CreateRemoteThread injection
cve
Gather and update all available and newest CVEs with their PoC.
FilelessNtdllReflection
Bypass userland EDR hooks by loading a reflective ntdll into memory from a remote server based on the Windows ReleaseID, avoiding opening a handle to ntdll, and call exported APIs from the export table
impacket
Impacket is a collection of Python classes for working with network protocols.
KDStab
BOF combination of KillDefender and Backstab
pe_to_shellcode
Converts a PE into shellcode
pi-defender
Kernel security driver used to block past, current and future process injection techniques on the Windows operating system.
pinduoduo_backdoor_detailed_report
Maybe the most detailed analysis of pdd backdoors
POC-bomber
Uses a large number of high-threat PoC/EXPs to quickly gain access to targets, for penetration testing and rapid red-team initial access
Sandman
Sandman is an NTP-based backdoor for red team engagements in hardened networks.
sliver
Adversary Emulation Framework
VX-API-1
Collection of various malicious functionality to aid in malware development
Win32_Offensive_Cheatsheet
Win32 and Kernel abusing techniques for pentesters