A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

物联网设备安全测试指南

File formats dissections and more...

Continuously jam all wifi clients/routers

A curated list of awesome iOS application security resources.

a vulnerable android application to practice request forgery.

Check for LDAP protections regarding the relay of NTLM authentication

This map lists the essential techniques to bypass anti-virus and EDR

POC for CVE-2022-39952

Collection of Offensive C# Tooling

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

Tools & Interesting Things for RedTeam Ops

PEN-300 collection to help you on your exam.

Payload Generation Framework

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Extract credentials from lsass remotely

Community curated list of templates for the nuclei engine to find security vulnerabilities.

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)