SaiRson's repositories
About-Attack
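A handbook that collects and categorizes red-team-oriented GitHub tools and resources by use case / tag, aiming to lower the technical barrier for red teaming [continuously updated]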
ants
🐜🐜🐜 ants is a high-performance and low-cost goroutine pool in Go, inspired by fasthttp.
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
CVE-2021-22005
CVE-2021-22005 - VMware vCenter Server File Upload to RCE
dict-hub
Red team dictionary: default or weak passwords
DonPAPI
Dumping DPAPI credz remotely
Empire
Empire is a PowerShell and Python 3.x post-exploitation framework.
Erebus
CobaltStrike post-exploitation testing plugin
Geacon
Using Go to implement CobaltStrike's Beacon
go-mimikatz
A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
GolangBypassAV
Researching various Golang techniques for bypassing AV
gosecretsdump
Dump ntds.dit really fast
grdp
pure golang rdp protocol
JNDIExploit-1
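A tool for exploiting JNDI injection that draws heavily on code from the Rogue JNDI project, supports directly implanting in-memory shells, integrates common methods for bypassing newer JDK versions, and is suited for use alongside automated tools.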
jwt-hack
🔩 jwt-hack is a tool for hacking / security testing of JWT. Supports en/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce)
Library-POC
Archive of vulnerability PoCs & exploits
PentestDB
Exploitation techniques for various databases
PocOrExp_in_Github
Aggregates existing PoCs or exploits on GitHub; CVE information comes from the official CVE website. Auto Collect Poc Or Exp from Github by CVE ID.
ProxyVulns
[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] WaitForUpdate
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
SharpKatz
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
SpringBootExploit
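This project is written based on the LandGrey/SpringBootVulExploit checklist; its purpose is to exploit vulnerabilities quickly during HVV exercises and lower the barrier to exploitation.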
StopDefender
Stop Windows Defender programmatically
supplier
A roundup of some offensive vulnerabilities in mainstream vendors' products
whids
Open Source EDR for Windows
zipcreater
ZipCreater is mainly used for exploiting directory-traversal file upload vulnerabilities; it can quickly generate archive files.