kuA35sSaasd's repositories
CVE-2022-0847-DirtyPipe-Exploit
A root exploit for CVE-2022-0847 (Dirty Pipe)
VXUG-Papers
Research code & papers from members of vx-underground.
AES
C++ AES implementation
aksk_tool
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
CVE-2023-36427
Report and exploit of CVE-2023-36427
DHLYK
大灰狼远控木马 V9.5 源码
Doge-Gabh
GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisper/RefleXXion golang implementation
HadesLdr
Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
HiddenDesktop
HVNC for Cobalt Strike
Hunt-Weird-Syscalls
ETW based POC to identify direct and indirect syscalls
gitlab_rce_cve-2022-2884
Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.
ipc-use
通过获取的用户名密码,尝试对目标主机进行 ipc 连接,连接成功的的话上传文件,然后添加计划任务
JNDIEXP
JDNI在java高版本的利用工具,FUZZ利用链
LiangNat
使用java网络编程实现的内网穿透、端口映射、socks5代理上网,分为服务端和客户端,类似于frp,增加了IP防火墙管理功能,通过web网页方便地添加删除IP白名单
lm_tools
横向移动三剑客 ( Lateral movement tools)
mhydeath
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
Pake
🤱🏻 Turn any webpage into a desktop app with Rust. 🤱🏻 很简单的用 Rust 打包网页生成很小的桌面 App
poc-cve-2021-4034
PoC for CVE-2021-4034 dubbed pwnkit
scaninfo
fast scan for redtools
Session-Hijacking-Visual-Exploitation
Session Hijacking Visual Exploitation
SharpSQLTools
SharpSQLTools 和@Rcoil一起写的小工具,可上传下载文件,xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
SharpUserIP
在域控或远程提取登录日志,快速获取域用户对应的IP地址
shell2xor
raw shellcode to xor with c++ sutable byte array
Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的,网页UI、跨平台以及多功能的远程控制和监控工具,你可以随时随地监控和控制所有设备。
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
WinShellcode
Make your own windows shellcode