Poc and Exp

🤖 A minimal and customizable Docker image running the Android emulator as a service.

Resources related to GitHub Security Lab

用于生成各类免杀webshell

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

src资产管理漏洞扫描平台，子域名爆破，端口扫描，站点发现，目录扫描，爬虫，漏洞扫描

🚀 2024-至今 1Day 漏洞 PoC 深度研究与复现归档。涵盖 OA、ERP、安防、数通、大模型及容器等 高价值资产漏洞，实战导向，助力安全研究与合规检测。

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

PTY interface for Go

A Windows software package providing an interface similar to a Unix pty-master for communicating with Windows console programs.

一个基于DNS隧道的简单C2

一个半自动化springboot打点工具，内置目前springboot所有漏洞

Plugin for JADX to integrate MCP server

An Open Phone Agent Model & Framework. Unlocking the AI Phone for Everyone

A framework to enable multimodal models to operate a computer.

备份的漏洞库，3月开始我们来维护

牛屎花 一款基于WEB界面的远程主机管理工具

C2-下一代RAT

记录一些代码审计过的源码

Tools and Techniques for Red Team / Penetration Testing

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Pillager是一个适用于后渗透期间的信息收集工具

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

Mimikatz implementation in pure Python

免杀shellcode加载器

Adversary Emulation Framework

BloodyAD is an Active Directory Privilege Escalation Framework

PowerSploit - A PowerShell Post-Exploitation Framework