天问之路

蓝队应急工具

戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑

通杀检测基于白文件patch黑代码的免杀技术的后门

A simple Windows application that allows the user to pick between IDA installation for the given file.

Elastic Security detection content for Endpoint

金刚狼：首款支持多层内网级联的ASPX、ASHX高级WebShell管理工具，AES加密通信，无需代理，内存加载渗透工具，无文件落地隐蔽渗透目标，动态代码执行，ShellCode加载(Metasploit/Cobalt Strike)，反弹Shell，Socks代理，内存马

Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

UDRL for CS

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

⚠️ malware development

FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.

BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).

一款针对向日葵的识别码和验证码提取工具

Hide any window from screen capture on Windows.

海康威视/萤石云密钥泄露利用工具

Linux/Windows post-exploitation framework made by linux user