coward's repositories
ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
AlliN
A flexible scanner
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
awesome-java-security
Java安全☞代码审计/漏洞研究/武器化
CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
cf
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
CodeqlNote
Codeql学习笔记
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
CustomKeyboardLayoutPersistence
Achieve execution using a custom keyboard layout
DavRelayUp
DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).
EHole
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
gobuster
Directory/File, DNS and VHost busting tool written in Go
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
HardHatC2
A C# Command & Control framework
ldap_shell
AD ACL abuse
Learning_summary
对于安全学习的一些总结,更新ing,期待 Fork & Star!
linux-exploit-suggester
Linux privilege escalation auditing tool
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 ...
naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
PrivescCheck
Privilege Escalation Enumeration Script for Windows
PSAsyncShell
PowerShell Asynchronous TCP Reverse Shell
SharpLink
Create file system symbolic links from low privileged user accounts within PowerShell
SharpSystemTriggers
Collection of remote authentication triggers in C#
WaterDragon
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022
wmiexec-Pro
New generation of wmiexec.py