shincehor's starred repositories
Unexpected_information
Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
AgentInjectTool
改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
xor-shellcode-and-ppid-spoofing
异或shellcode和ppid欺骗免杀
BypassAnti-Virus
免杀姿势学习、记录、复现。
SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
APC-inject
APC注入自身进程来进行权限维持
SchTask_0x727
创建隐藏计划任务,权限维持,Bypass AV
LocalAdminSharp
.NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
shisoserial
一个针对shiro反序列化漏洞(CVE-2016-4437)的快速利用工具/A simple tool targeted at shiro framework attacks with ysoserial.
golang-shellcode-bypassav
2021.12.9 使用go语言免杀360、微软、腾讯、火绒
NEW_xp_CAPTCHA
xp_CAPTCHA(瞎跑 白嫖版) burp 验证码 识别 burp插件
StealAllTokens
This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate and use whatever token present at any process
StopDefender
Stop Windows Defender programmatically
wmiexec-RegOut
Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-software in lateral movement like WMIHACKER.
CVE-2021-40449-Exploit
windows 10 14393 LPE