startagain2016's repositories
arsenalTools
桌面版本-superSearchPlus是聚合型信息收集插件,支持综合查询,资产测绘查询,信息收集 js敏感信息提取 注释资源扫描 目录扫描 整合了目前常见的资产测绘平台 同时支持数据导出
CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with CVE-2023-22809 vulnerability
Cyberonix
Cyberonix is a complete resource hub for Cyber Security Community. Our aim is to make this tool an 1 stop solution for all the Hackers out there to get resources of various topics in Cyber Security. We will keep updating this tool & adding new & updated resources on the go.
DarkAngel
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、企业微信通知。
Databasetools
一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
ExecRemoteNET
Execute Remote Assembly with args passing and with AMSI and ETW patching .
FilelessPELoader
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
firefly
Black box fuzzer for web applications
gatherpy
集成多款优秀工具进行一键化信息收集的脚本
IDOR_detect_tool
一款API水平越权漏洞检测工具
MaxPhisher
A python phishing script for login phishing, image phishing video phishing and many more
murphysec
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
myscan-1
构建信息搜集/漏洞扫描
ntqueueapcthreadex-ntdll-gadget-injection
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
OutLook
一款OutLook信息收集工具
proxy_admin_free
Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理,代理API认证,全能跨平台代理服务器。
RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
Shellcode-Hide
This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
Split
Apply a divide and conquer approach to bypass EDRs
TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
ThreadlessInject
Threadless Process Injection using remote function hooking.
UnhookingPatch
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.