MrFk

OpenVoice

Instant voice cloning by MIT and MyShell.

ddddocr

带带弟弟 通用验证码识别OCR pypi版

404StarLink

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

POC

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1100多个poc/exp，长期更新。

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

GodPotato

SpringBoot-Scan

针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

WeblogicTool

WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）

Supershell

Supershell C2 远控平台，基于反向SSH隧道获取完全交互式Shell

goblin

一款适用于红蓝对抗中的仿真钓鱼系统

HiddenDesktop

HVNC for Cobalt Strike

FastjsonScan

Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

Blackout

kill anti-malware protected processes ( BYOVD) (Microsoft Won )

mysql-fake-server

MySQL Fake Server (纯Java实现，支持GUI版和命令行版，提供Dockerfile，支持多种常见JDBC利用)

hack-fastjson-1.2.80

KRBUACBypass

UAC Bypass By Abusing Kerberos Tickets

S-BlastingDictionary

自己搜集的爆破字典，包括常用用户名、密码弱口令、SQL万能密码等

Windows_LPE_AFD_CVE-2023-21768

LPE exploit for CVE-2023-21768

elevationstation

elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative

SSH-Harvester

Harvest passwords automatically from OpenSSH server

Arbitrium-RAT

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

evil_minio

EXP for CVE-2023-28434 MinIO unauthorized to RCE

HexDnsEchoT

命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）

PigScheduleTask

添加计划任务方法集合

CallStackMasker

A PoC implementation for dynamically masking call stacks with timers.

CVE-2023-3519

RCE exploit for CVE-2023-3519

CVE-2023-0179-PoC

针对（CVE-2023-0179）漏洞利用 该漏洞被分配为CVE-2023-0179，影响了从5.5到6.2-rc3的所有Linux版本，该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。

turner

SOCKS5 and HTTP over TURN/STUN proxy

portsscan

A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution.

WMICmd

Remote command execution with WMI that supports Pass-The-Hash