wiwei132

gpt-crawler

Crawl a site to generate knowledge files to create your own custom GPT from a URL

kubeshark

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

testssl.sh

Testing TLS/SSL encryption anywhere on any port

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

securityonion

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

bpf-developer-tutorial

eBPF Developer Tutorial: Learning eBPF Step by Step with Examples

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

PassGAN

A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

java-memshell-generator-release

一款支持高度自定义的 Java 内存马生成工具

krbrelayx

Kerberos unconstrained delegation abuse toolkit

burp-awesome-tls

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

wmiexec-Pro

New generation of wmiexec.py

JNDI-Exploit-Kit

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection）

Terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

FilelessPELoader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

WELA

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Killer

Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.

ThunderSearch

小而美【支持Fofa、Shodan、Hunter、Zoomeye、Quake网络空间搜索引擎】闪电搜索器；GUI图形化(Mac/Windows)渗透测试信息搜集工具；资产搜集引擎；hw红队工具hvv

HackerPermKeeper

Linux权限维持

Restore-JS

《反爬虫JS破解与混淆还原手册》 by @No-Attack @LoseNine。 一本教你JS破解以及混淆与还原的教程。欢迎star，持续更新。

MemoryShell

JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring

msmap

Msmap is a Memory WebShell Generator.

js-cookie-monitor-debugger-hook

js cookie逆向利器：js cookie变动监控可视化工具 & js cookie hook打条件断点

flamingo

Flamingo captures credentials sprayed across the network by various IT and security products.

Sign-Sacker

Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

java-echo-generator

一款支持高度自定义的 Java 回显载荷生成工具｜A highly customizable Java echo payload generation tool.

POSTDump

Doge-Gabh

GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisper/RefleXXion golang implementation

OPSEC-Tradecraft

Collection of OPSEC Tradecraft and TTPs for Red Team Operations