Stars
JNDI injection testing tool (a tool that generates JNDI links and can start several servers to exploit JNDI injection vulnerabilities, such as in Jackson, Fastjson, etc.)
SizedWaitGroup has the same role and close to the same API as the Golang sync.WaitGroup but it adds a limit on the amount of goroutines started concurrently.
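Glass is a fast fingerprinting tool for asset lists. It calls the Fofa/ZoomEye/Shodan/360 API interfaces to quickly query asset information and identify the fingerprints of key assets, and it can also quickly fingerprint an IP, an IP range, or an asset list.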
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Extract credentials from lsass remotely
An extensible application for penetration testers and software developers to decode/encode data into various formats.
mogwailabs / mjet
Forked from siberas/sjet
MOGWAI LABS JMX exploitation toolkit
NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supporte…
Bypass cobaltstrike beacon config scan
Practice Go programming and implement CobaltStrike's Beacon in Go
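Ladon for Kali: a cross-platform open-source intranet penetration scanner for Windows/Linux/Mac/router intranet penetration. With it you can easily batch-probe live hosts in class C, B and A segments with one click, detect the high-risk vulnerabilities MS17010 and SmbGhost, execute remotely over SSH/Winrm, brute-force passwords for SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis, port scanning and service identification PortScan, fingerprinting/Htt…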
An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning.
Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
Identifies the bytes that Microsoft Defender flags on.
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
Yet another shellcode runner consisting of different techniques for evaluating detection capabilities of endpoint security solutions