MX's repositories
CVE-2023-51764-POC
just idea, no cp pls
vuu-updater-plugin
vulnerability underground updater: loads new payloads, exploits, and vuu AI engine rulesets for automatic exploit chains.
AzureHound
Azure Data Exporter for BloodHound
Brute-Ratel-C4-Community-Kit
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)
CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
EasyPen
EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation
emba
EMBA - The firmware security analyzer
Embedder
Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
evilgophish
evilginx2 + gophish
FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
FormThief
Spoofing desktop login applications with WinForms and WPF
Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
githubC2
Abusing Github API to host our C2 traffic, usefull for bypassing blocking firewall rules if github is in the target white list , and in case you don't have C2 infrastructure , now you have a free one
GlllPowerloader
绕过AV/EDR的代码例子(Code example to bypass AV/EDR)
Havoc
The Havoc Framework
HiddenDesktop
HVNC for Cobalt Strike
HiddenVM
HiddenVM — Use any desktop OS without leaving a trace.
munin
Online hash checker for Virustotal and other services
NimPlant
A light-weight first-stage C2 implant written in Nim.
pallium
Linux network and security sandbox with support for kernel exploit protection as well as VPN and proxy chaining
sliver
Adversary Emulation Framework
SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
TokenTactics
Azure JWT Token Manipulation Toolset
tor-control-panel
Windows GUI Client for Tor Expert Bundle
TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
XiebroC2
Go编写的多人运动渗透测试图形化框架、支持lua插件扩展、自定义多个模块、自定义shellcode、文件管理、进程管理、内存加载、反向代理等功能