ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

RubberDucky like payloads for DigiSpark Attiny85

A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37…

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Manipulating and Abusing Windows Access Tokens.

demo PsExec

🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python

🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!

A cross-platform, collaborative C2 for red-teaming. Agents are cross-compilable (e.g, you can generate Windows DLLs on Linux), cross-compatible, and built with evasion, anti-analysis and stability in mind. All capabilities are natively implemented from scratch.

A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37…

Digispark scripts

dirforce is a tool for directory discovery

Linux tool written in C++ for creating and sending fully customizable TCP, UDP or ICMP packets with payloads.

This project studies Keyloggers and the language itself. Itmonitors the League of Legends login, saving input to a local TXT file and capturing clipboard content. After losing focus, it sends the file to a Flask server, creating a folder with the victim's IP and logs. Misuse is a crime, and I am not liable for your actions.

404Hunter is a fast CLI tool to check if subdomains are alive over HTTP/HTTPS. It supports multi-threading, custom timeouts, and clean output to file. Ideal for bug bounty hunters, pentesters, or sysadmins who need to verify active subdomains quickly and efficiently.

Simple TCP Server to handle multiple reverse connection/sessions on single port

port ddos application (linux)

Simple C++ Website Directory Brute Forcer for Penetration Tests

Rendering on external windows via hijacking thread contexts

An ESP32 based DIY pocket multi-tool for pentesting and fun. Features IR Signal Cloning,Wi-Fi Deauth, Beacon Spam and Retro Games. Open-source Flipper Zero alternative.