反蒸馏 Skill：清洗你被迫写的 Skill 文件，看起来完整，核心知识留给自己。Anti-distillation for employee Skills.

Active Directory Vulnerability Scanner

Dominate the domain. Relay to royalty.

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practi…

LC（List Cloud）是一个多云攻击面资产梳理工具

Defeating Windows User Account Control

CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of their cloud environments.

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

自动解包微信小程序并提取敏感信息和api接口

GoFinger是一款专为红队攻防和企业资产管理设计的下一代web指纹发现、指纹识别工具。基于 Go 语言开发，它不仅继承了传统指纹工具的识别能力，更在性能、可扩展性和输出质量上进行了深度优化。 它旨在帮助安全工程师和渗透测试人员快速、精准地识别网络资产指纹，并以美观、易读的格式呈现结果。工具原生支持本地指纹库与 Fofa、Quake、Hunter 等主流API联动，并集成了 Chainre…

generate CobaltStrike's cross-platform payload

BloodyAD is an Active Directory Privilege Escalation Framework

迄今为止公开的二开瞎注插件中最强版本：Xia SQL Plus，基于 “瞎注” xia_sql二次开发。

Next-generation IaC tools | 下一代基础设施管理工具

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

Nuclei POC，每2小时更新 | 自动整合全网Nuclei的漏洞POC，实时同步更新最新POC，保存已被删除的POC。通过批量克隆Github项目，获取Nuclei POC，并将POC按类别分类存放，使用Github Action实现。已有41w+POC，其中3.5w+高质量POC

AdaptixFramework Extension Kit

Encode and Fuzz Custom Protobuf Messages in Burp Suite

An advanced [Finder | Checker | Server] tool for proxy servers, supporting both HTTP(S) and SOCKS protocols. 🎭

BOF for Kerberos abuse (an implementation of some important features of the Rubeus).

A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, allowing an authenticated user with non-administrative privil…

Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on event logs

.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation

Python implementation of GhostPack's Seatbelt situational awareness tool

An archive of 0day.today exploits

A BOF that's a BOF Loader and more

Golang Automation Framework for Cobalt Strike using the Rest API

Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.