一款高威胁POC/EXP的集成框架，用于渗透和红队快速打点

强制关闭360 需要管理员权限

POC for CVE-2021-21974 VMWare ESXi RCE Exploit

Golang Bypass Av Generator template

A tool for IDN homograph attacks and detection.

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

网络资产攻击面梳理

windows-kernel-exploits Windows平台提权漏洞集合

CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE

HttpSourceViewer是一款免费的网页html源码查看工具，通过这款软件你可以直接获取一个页面的html源码，包括html头及页面的html内容。

内网穿透，c++实现，无需公网IP，小巧，易用，快速，安全，最好的多链路聚合（p2p+proxy）模式，不做之一...这才是你真正想要的内网穿透工具！

A blind XSS detection and XSS data capture framework

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

PoC exploits I wrote. They're as is and I will not offer support

Collection of auxiliary command line tools

Security Paper

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Pre-Built Vulnerable Environments Based on Docker-Compose

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

A plugin for Mac WeChat

AV Evasion Tool For Red Team Ops

Pwn stuff.

shellcodeloader

个人隐私泄露检测工具。

分布式端口（漏洞）扫描、资产安全管理、实时威胁监控与通知、高效漏洞闭环、漏洞wiki、邮件报告通知、poc框架

xray社区高级版证书生成，仅供学习研究，正常使用请支持正版

一款基于BurpSuite的被动式shiro检测插件

rce工具

A powerful browser crawler for web vulnerability scanners

SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.