zjicmDarkWing's starred repositories

PentestGPT

A GPT-empowered penetration testing tool

Language: Python | License: MIT | Stargazers: 7059 | Issues: 110 | Issues: 133

Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Language: Python | License: BSD-3-Clause | Stargazers: 1182 | Issues: 62 | Issues: 5

ARL

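Backup of the official ARL repository: ARL (Asset Reconnaissance Lighthouse) aims to quickly discover internet assets associated with a target and build a baseline asset inventory. It helps in-house security teams and penetration testers effectively reconnoiter and search assets and identify existing weaknesses and attack surface.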

Language: Python | License: MIT | Stargazers: 1008 | Issues: 3 | Issues: 38

most-common-american-idioms

A book created by xiaolai with the help of ChatGPT and its TTS

Language: Jupyter Notebook | Stargazers: 913 | Issues: 5 | Issues: 9

awesome-lists

Awesome Security lists for SOC/CERT/CTI

penelope

Penelope Shell Handler

Language: Python | License: GPL-3.0 | Stargazers: 619 | Issues: 16 | Issues: 21

xc

A small reverse shell for Linux & Windows

Red-team-Interview-Questions

Red team Interview Questions

CrimsonEDR

Simulate the behavior of AV/EDR for malware development training.

GoRedOps

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language. All is made for educational purposes only.

Language: Go | License: Unlicense | Stargazers: 408 | Issues: 6 | Issues: 1

LetMeowIn

A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.

CVE-2024-26229

CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code

RDPHijack-BOF

Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.

Language: C | Stargazers: 292 | Issues: 10 | Issues: 0

lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

Language: C++ | License: MIT | Stargazers: 287 | Issues: 18 | Issues: 2

eml_analyzer

An application to analyze the EML file

Language: Python | License: MIT | Stargazers: 266 | Issues: 10 | Issues: 28

XPost

A Post Exploitation Tool for High Value Systems

cstc

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

Language: Java | License: GPL-3.0 | Stargazers: 212 | Issues: 4 | Issues: 24

Certiception

An ADCS honeypot to catch attackers in your internal network.

Language: Jinja | License: Apache-2.0 | Stargazers: 191 | Issues: 6 | Issues: 1

PHPSerialize-labs

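【Hello-CTF labs】PHPSerialize-labs is an introductory practice range written in PHP for learning PHP deserialization in CTFs. It aims to give everyone a comprehensive understanding of PHP serialization and deserialization.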

Language: PHP | License: GPL-3.0 | Stargazers: 130 | Issues: 4 | Issues: 2

Invoke-RunAsWithCert

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

python-for-awae

Python for AWAE (Advanced Web Attacks and Exploitation)

CVE-2024-29943

A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE

Language: JavaScript | Stargazers: 86 | Issues: 1 | Issues: 0

Splunk4DFIR

Harness the power of Splunk for your investigations

Language: Shell | License: MIT | Stargazers: 69 | Issues: 2 | Issues: 1

Cyber_Security_Malware_APT_Simulation

All the principles of the AI modular structure that generates malicious code fragments sold on the dark web

Language: Jupyter Notebook | Stargazers: 65 | Issues: 1 | Issues: 0

HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2

HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion

Language: C++ | Stargazers: 38 | Issues: 1 | Issues: 0

SeBackupPrivilege

Windows Privilege Escalation

ExpFuzzWordlist

ExpFuzz wordlist

Language: Go | Stargazers: 14 | Issues: 0 | Issues: 0

CDPwn

CDPwn is a python script designed to capture screenshots of files via the Chrome DevTools Protocol (CDP), a technique useful for privilege escalation when the CDP service runs with root permissions.

Language: Python | Stargazers: 11 | Issues: 1 | Issues: 0
Language: PowerShell | Stargazers: 4 | Issues: 2 | Issues: 0