tree-chtsec's repositories
BlogEngine.NET
Multi-User ASP.NET Blogging Application
Chisel-Strike
A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
DcRat
A simple remote tool written in C#. 一个简单的c#远控
docker-javafx
Docker image with javafx
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
firmware-analysis-toolkit
Toolkit to emulate firmware and analyse it for security vulnerabilities
Havoc
The Havoc Framework.
house
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
JavaApplet
These are from Offensive Security. This is for study Client-Side Attack with JavaApplet. A good example of a client side exploit based on a human vulnerability, as opposed to a software vulnerability, is the JavaApplet client side attack. This attack affects targets with Java installed and enabled in their browsers – a required feature for many administrators and power users. As JavaLenabled browsers can run Java applications, it is quite trivial to make our own malicious Java applet which will execute code of our choosing when run. However, there is one drawback: the user will get a warning box before execution of our Java payload. The average user may not understand the implications of clicking Run on this warning box. If the user runs the program, the Java software installed on the victim’s machine will execute our payload happily.!! The Java code below will download a given executable and execute it in a temporary directory on the target machine. But, you need to edit IP address in the program
MicroBackdoor
Small and convenient C2 tool for Windows targets
MiniDump
C# Lsass parser
mitre_attack_csv
MITRE ATT&CK in CSV form
python-fortify
Read and write Fortify Project (FPR) files in Python
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with mi
SharpAgent
C# havoc implant
SharpShooter
Payload Generation Framework
sqlmap
Automatic SQL injection and database takeover tool
Vulnerable-OAuth-2.0-Applications
vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.