evilashz

SharpADUserIP

提取DC日志，快速获取域用户对应IP地址

PigScheduleTask

添加计划任务方法集合

CheeseOunce

Coerce Windows machines auth via MS-EVEN

NimFileBinder

A Builder for Binding EvilFile and Normal File with auto release

PigSyscall

An implementation of an indirect system call

CVE-2021-1675-LPE-EXP

PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527

frpBuilder

To Make frp with no arguments and ini file ,which Conveniently in red teaming

Visual-Studio-BOF-template

more conveniently Visual-Studio-BOF-template

ExchangeSSRFtoRCEExploit

CVE-2021-26855 & CVE-2021-27065

ProxyAPICall

Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI

PIGADVulnScanner

检测域内常见一把梭漏洞，包括：NoPac、ZeroLogon、CVE-2022-26923、PrintNightMare

RemoteMemorymodule

Load the evilDLL from socket connection without touch disk

FRP-0.38-DomainFronting

域前置版本FRP

PigGetWeChatKey

动态获取微信Key工具

AddShare

添加Windows机器网络共享文件夹

PigLoader

An shellcode loader which contains many useful functions

exchange-server-27065

patch diff

ElusiveMice

Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

evilashz

evilashz.github.io

PSSW100AVB

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

CheekyBlinder

Enumerating and removing kernel callbacks using signed vulnerable drivers

DarkLoadLibrary

LoadLibrary for offensive operations

EDRs

LockdExeDemo

A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/

myscan

myscan 被动扫描

windows-syscalls

Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)

ysoserial.net

Deserialization payload generator for a variety of .NET formatters

zstack

ZStack - the open-source IaaS software http://zstack.org (国内用户请至 http://zstack.io)