xixikotete's starred repositories
smbtakeover
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
CS-AutoPostChain
基于 OPSEC 的 CobaltStrike 后渗透自动化链
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
Hook_WeChat_FaaS
frida Hook 微信云函数脚本
go-cryptobin
go 常用加密解密库/go encrypt or decrypt pkg(RSA/SM2/EIGamal/Gost/AES/DES/TripleDes/SM4/Tea/Twofish)
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
Rust-for-Malware-Development
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
Z-Godzilla_ekp
哥斯拉webshell管理工具二次开发规避流量检测设备
CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
WindowsBaselineAssistant
Windows安全基线核查加固助手
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
APT-Individual-Combat-Guide
《APT Individual Combat Guide》