Starred repositories
Covenant is a collaborative .NET C2 framework for red teamers.
Template-Driven AV/EDR Evasion Framework
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Token stealing tool written in Go. Bypasses Kaspersky, Defender, Avira, etc.
Shellcode injection technique. Given as C++ header, standalone Rust program or library.
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
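The "Reborn: Begging for a Living in the Security Industry" series, sharing interesting cases from SRC work and real-world projects encountered while scraping by in the security industry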
Abusing exceptions for code execution.
A guide to smart contract security best practices
Main Repository. ReportPortal starts here - see readme below.
Ghidra is a software reverse engineering (SRE) framework
This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
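Linux operations monitoring tool. Supports monitoring of system hardware information, memory, CPU, temperature, disk space and I/O, disk SMART, GPU, firewall, network traffic rate and more, plus service interface monitoring, big-screen display, topology map, port monitoring, process monitoring, Docker monitoring, log monitoring, file tamper protection, database monitoring, batch command dispatch and execution, web SSH, Linux panel (probe), alerting, SNMP monitoring, K8S, Redis, Nginx, Kafka, asset management, scheduled tasks, password management, work notes
Implements BypassAV user addition via reflective DLL injection, Win API, C#, and a low-level implementation of NetUserAdd, packaged as a Cobalt Strike plugin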
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
If you only have a hash, you can still operate Exchange
A fake MySQL server used to help with MySQL client file reading and JDBC client Java deserialization
A helpful Java Deserialization exploit framework.
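A small tool built for host collision, specifically for detecting hosts or internal systems that can only be accessed after binding hosts entries during penetration tests
Burp extension for passively scanning JS files for endpoint links.
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, injects shellcode, hijacks the main thread with APC, and executes the shellcode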