idnu11

HERCULES

customizable payload generator that can bypass antivirus software

FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp

警惕 一种针对红队的新型溯源手段!

DomainInfo_Find

批量获取域内机器桌面文件

Webshell_Generate

用于生成各类免杀webshell

sliver

Adversary Emulation Framework

GBByPass

冰蝎 哥斯拉 WebShell bypass

webshells

My personal collection of webshells for educational purposes. Most are custom implementations/adaptations of stuff I found on the internet.

webshell

This is a webshell open source project

webshell

免杀webshell生成工具

cve-2022-22947-godzilla-memshell

CVE-2022-22947 注入Godzilla内存马

cobaltstrike-aggressor-scripts

A collection of Cobalt Strike Aggressor scripts.

inceptor

Template-Driven AV/EDR Evasion Framework

maldev-links

My collection of malware dev links

Stealth_shellcode_runners

Automatic-permission-maintenance

CobaltStrike 上线自动权限维持插件

CVE-2022-39197

CobaltStrike <= 4.7.1 RCE

Cobalt_Strike_bot

Cobalt Strike 上线提醒，飞书、钉钉、企业微信机械人，cs上线提醒。

MDUT

MDUT - Multiple Database Utilization Tools

Mythic

A collaborative, multi-platform, red teaming framework

merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

JNDI-Exploit-Kit

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection）

emp3r0r

Linux/Windows post-exploitation framework made by linux user

yulong-hids-archived

[archived] 一款实验性质的主机入侵检测系统

zkar

ZKar is a Java serialization protocol analysis tool implement in Go.

SecurityProduct

开源安全产品源码，IDS、IPS、WAF、蜜罐等

404StarLink

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

DdecodeProGodzilla

2022 red team 魔改哥斯拉流量解码

Injector

Command line utility to inject and eject DLLs

DLLhijack-ShellcodeLoader

DLLhijack winmm.dll

ShellCodeLoaderCSharp

A small shellcode loader library written in C#