多啦A梦的百宝箱:gift:

Code written in the course of work

内网探测工具(Internal network detection tool that not contain any exploit code)

Under Windows NT, icon files

Implement load Cobalt Strike & Metasploit&Sliver shellcode with golang

一款可批量提取url或本地html文件中注释、属性及标签内容的工具

个人翻译/总结渗透测试思维导图

Without closing windows defender, to make defender useless by removing its token privileges and lowering the token integrity.

Simple reverse shell to avoid Windows defender and kaspersky detection

An OS command injection vulnerability in FortiWeb's management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the S…

Check if there is any anti-software process in current operating environment

PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.

The tool is used to match and scan the website directory when the source code is known