header-only unit test framework

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

Webshell && Backdoor Collection

Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform

netshell features all in version 2 powershell

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

大灰狼远控 源码

这是一个基于gh0st远程控制的项目，使自己更深入了解远控的原理，采用VS2017，默认分支hijack还在修改不能执行，master分支的项目可以正常的运行的，你可以切换到该分支查看可以执行的代码

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and th…

articles

Reverse proxies cheatsheet

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

THIS PROJECT HAS BEEN DELETED

🚀一款简洁高效的VuePress知识管理&博客(blog)主题

红方人员作战执行手册

渗透测试常规操作记录

Various public documents, whitepapers and articles about APT campaigns

A collection of various awesome lists for hackers, pentesters and security researchers

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

自动漏洞扫描器，自动子域名爆破，自动爬取注入，调用sqlmapapi检测注入，端口扫描，目录爆破，子网段服务探测及其端口扫描，常用框架漏洞检测。 Automatic scanner, automatic sub domain blasting, automatic crawl injection, injection, call the sqlmapapi port scan detect…

自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱

request new identity every X seconds interval using TOR client

关于安全狗和云锁的自动化绕过脚本

Material Design theme for hexo.

Gitbook

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.

CMS漏洞测试用例集合

Write any JavaScript with 6 Characters: []()!+

大麦网演唱会抢票程序

12306智能刷票，订票