PoC Exploit for the NTLM reflection SMB flaw.

命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）

解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

分享几个直接可用的内存马，记录一下学习过程中看过的文章

The Minimalistic x86/x64 API Hooking Library for Windows

avList - 杀软进程对应杀软名称

Red Team KubeCTL Cheat Sheet

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

📧Coremail邮件系统组织通讯录导出脚本

SharpAddDomainMachine

Decrypt chromium based browsers passwords, cookies, credit cards, history, bookmarks. Version > 80 is supported.

Exploit and detect tools for CVE-2020-0688

Tomcat-Ajp协议文件读取漏洞

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse.

fastjson_rce工具，不用搭建HTTP服务，不受JDK版本限制

www.flash.cn 的钓鱼页，中文+英文

double-free bug in WhatsApp exploit poc

Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect

读取登录过本机的登录失败或登录成功的所有计算机信息，快速定位运维管理人员。 Reference: https://github.com/ysrc/yulong-hids

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

Freeze (package) Python programs into stand-alone executables

BypassAV ShellCode Loader (Cobaltstrike/Metasploit)

Python library for Windows Remote Management (WinRM)

Redis(<=5.0.5) RCE