startagain2016's repositories
404StarLink
404StarLink - recommends high-quality, meaningful, interesting, and actively maintained open-source security projects
Ashro_linux
General-purpose Linux incident response script, suitable for most situations
BurpAPIFinder
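During attack-and-defense exercises, we usually browse some assets in a browser, but many unauthorized-access, sensitive-information, and privilege-escalation issues are hidden in the HTML, JS files, and so on of endpoints already visited. This plugin lets us discover unauthorized access, sensitive information, privilege escalation, login endpoints, and more.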
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
CVE-2024-4577
PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC
CVE-2024-4577-PHP-RCE
[Vulnerability reproduction] The world's first CVE-2024-4577 PHP-CGI RCE exploit utilizing the default PHP environment. Sharing original exploit, supports SSRF, supports WAF bypass.
CVE-2024-4578
CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.
deoptimizer
Machine code de-optimizer.
Dsebler
Reimplementation of the KExecDD DSE bypass technique.
fs
fscan adapted to personal penetration-testing development habits
GoRedOps
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purposes only.
gost
GO Simple Tunnel - a simple tunnel written in golang
gwpsan
GWPSan: Sampling-Based Sanitizer Framework
InjectTools
A privilege-escalation injection tool that integrates Ring0 and Ring3 as well as APC
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
OdinLdr
Cobaltstrike UDRL with memory evasion
ollama
Get up and running with Llama 3.1, Mistral, Gemma 2, and other large language models.
PentesterSpecialDict
Dictionary sets often used in penetration testing work.
POC-3
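A collection of vulnerability EXP/POC. Most of the vulnerabilities come from the internet; more than 600 poc/exp have been collected so far, with long-term updates.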
qengine
C++ 17 or higher control flow obfuscation library for windows binaries
RflDllOb
Reflective DLL Injection Made Bella
ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
RWX_MEMEORY_HUNT_AND_INJECTION_DV
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
ScopeSentry-Scan
Source code of the scanner side of the ScopeSentry tool
scrcpy
Display and control your Android device
spp
A simple and powerful proxy
ssh3
SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
wstunnel
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
zmap
ZMap is a fast single packet network scanner designed for Internet-wide network surveys.