nopadd's repositories

AES_Shellcode_Encryptor

This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. Process of encrypting shellcode is very important for injection processes to bypass signature based detection by the security controls.

Language:C#Stargazers:0Issues:0Issues:0

ARCInject

Overwrite a process's recovery callback and invoke a crash to execute

Language:C#License:BSD-3-ClauseStargazers:0Issues:0Issues:0

Binary-Learning

滴水逆向初、中级学习笔记,不定时更新,自用仓库,不喜勿喷;感谢滴水,有如此完整体系的学习视频,白嫖党嫖了一波...感谢滴水的老师,听课受益匪浅。

Stargazers:0Issues:0Issues:0

Bundler

PE学习小工具,它的作用就是将32位的PE文件的按内存对齐,然后合并所有节,接着新增一个节存放Shellcode,将程序入口位置修改到Shellcode的位置。

Language:C++Stargazers:0Issues:0Issues:0
Language:JavaScriptStargazers:0Issues:0Issues:0

code-inspector

Java code inspector for web vulnerability scan, building method call chains and emulate stack frame for analysis (JavaWeb漏洞审计工具,构建方法调用链并模拟栈帧进行分析)

Language:JavaStargazers:0Issues:0Issues:0

Container-Vulnerability-Exploit

容器安全漏洞的分析与复现

Language:CStargazers:0Issues:0Issues:0

DInjector

Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL

Language:C#License:BSD-2-ClauseStargazers:0Issues:0Issues:0

ENScan_GO

一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Stargazers:0Issues:0Issues:0

javaweb-vuln

RASP测试靶场

Stargazers:0Issues:0Issues:0

JNDIExploit-1

一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)

Stargazers:0Issues:0Issues:0

just4fun

just4fun

Stargazers:0Issues:2Issues:0

katacoda-scenarios

Katacoda Scenarios

Stargazers:0Issues:0Issues:0

lbb

lbb是一个企业信息查询工具,可以帮助企业查询自身对外公开的应用、新媒体,网站等。

Stargazers:0Issues:0Issues:0

linuxhacker

一款linux 内网渗透辅助工具

Language:PerlStargazers:0Issues:0Issues:0

LinuxTQ

《Linux提权工具与方法论》

Stargazers:0Issues:0Issues:0

netspy

netspy是一款快速探测内网可达网段工具

Stargazers:0Issues:0Issues:0

noPac

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Language:C#Stargazers:0Issues:0Issues:0

OrcaC2

OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。

Language:GoLicense:GPL-3.0Stargazers:0Issues:0Issues:0

Ortau

一个用于隐藏C2的、开箱即用的反向代理服务器。旨在省去繁琐的配置Nginx服务的过程。

Stargazers:0Issues:0Issues:0

POC-bomber

利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点

Language:PythonStargazers:0Issues:0Issues:0

SecCrawler

一个方便安全研究人员获取每日安全日报的爬虫和推送程序,目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区,持续更新中。

License:GPL-3.0Stargazers:0Issues:0Issues:0

Serein

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。

Stargazers:0Issues:0Issues:0

SharpInjector

C# shellcode injector that utilizes functions exported from ntdll.dll.

Stargazers:0Issues:0Issues:0

shell-analyzer

Java内存马查杀GUI工具,实时动态分析,支持本地和远程查杀

Language:JavaLicense:MITStargazers:0Issues:0Issues:0

Shellcode_Memory_Loader

基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)

Stargazers:0Issues:0Issues:0

UserAdd

Bypass AV 用户添加

Language:C#Stargazers:0Issues:0Issues:0

vhost_password_decrypt

vhost password decrypt

Stargazers:0Issues:0Issues:0

WinRpcTest

利用RPC服务,内网批量探测Windows出网

Stargazers:0Issues:0Issues:0

WMEye

WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement

Language:C#License:MITStargazers:0Issues:0Issues:0