zjicmDarkWing

PentestGPT

A GPT-empowered penetration testing tool

xzbot

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

ruler

A tool to abuse Exchange services

RustRedOps

🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

LSTAR

LSTAR - CobaltStrike 综合后渗透插件

ARL

ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

NacosRce

Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

penelope

Penelope Shell Handler

Incident-Response-Powershell

PowerShell Digital Forensics & Incident Response Scripts.

CrimsonEDR

Simulate the behavior of AV/EDR for malware development training.

lc

LC（List Cloud）是一个多云攻击面资产梳理工具

CS-AutoPostChain

基于 OPSEC 的 CobaltStrike 后渗透自动化链

LetMeowIn

A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.

lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

eml_analyzer

An application to analyze the EML file

LovelyMem

基于Memprocfs和Volatility的可视化内存取证工具

cstc

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

NoArgs

NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.

ADPT

DLL proxying for lazy people

AutoGeaconC2

AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike

IronSharpPack

IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then reflective load the C# project.

Invoke-RunAsWithCert

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

python-for-awae

Python for AWAE (Advanced Web Attacks and Exploitation)

ExplorerPersist

Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when it's get loaded into the explorer process , our malicoius code get executed

Cyber_Security_Malware_APT_Simulation

All the principles of the AI modular structure that generates malicious code fragments sold on the dark web

Splunk4DFIR

Harness the power of Splunk for your investigations

ExpFuzzWordlist

ExpFuzz字典

CDPwn

CDPwn is a python script designed to capture screenshots of files via the Chrome DevTools Protocol (CDP), a technique useful for privilege escalation when the CDP service runs with root permissions.

ADScanner