Sophia's repositories
AV_Evasion_Tool
掩日 - 免杀执行器生成工具
AvoidkillingPHP
免杀PHP木马生成器
Awesome-Redteam
一个红队知识仓库
captcha-killer-modified
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
command
红队命令速查 是由棱角社区(Edge Forum) 整理的关于 Red Team 期间所常使用的一些基础命令。
CSAgent
CobaltStrike 4.x通用白嫖及汉化加载器
cve
Gather and update all available and newest CVEs with their PoC.
darkPulse
darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,目前免杀火绒,360,360核晶。
ddddocr
带带弟弟 通用验证码识别OCR pypi版
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
GobypassAV-shellcode
免杀shellcode加载器,使用go实现,免杀bypass火绒、360、核晶、def等主流杀软
HVVault
梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。
JoJoLoader
助力红队成员一键生成免杀木马,使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan
kernel-exploit-factory
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
LandrayOATreexmlRCE
LandrayOATreexmlRCE / 蓝凌OA Treexml远程命令执行
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
linux-exploit-suggester
Linux privilege escalation auditing tool
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
mdserver-web
Simple Linux Panel
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
scan4all
Vulnerabilities Scan: 15000+PoCs; 20 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty...
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
UEditorGetShell
UEditor编辑器批量GetShell / Code By:Tas9er
vulPOC
vulPOC 用于记录本人复现过的漏洞 poc
watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
xsshunter-express
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!