A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, allowing an authenticated user with non-administrative privil…

Python 58 16 Updated Jul 9, 2024

Friends-Security / SharpExclusionFinder

Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on event logs

C# 225 20 Updated Oct 6, 2024

logangoins / Cable

.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation

C# 399 44 Updated Jul 23, 2025

0xthirteen / Carseat

Python implementation of GhostPack's Seatbelt situational awareness tool

Python 269 22 Updated Nov 12, 2024

vulncheck-oss / 0day.today.archive

An archive of 0day.today exploits

320 82 Updated Jul 25, 2025

0xTriboulet / InlineExecuteEx

A BOF that's a BOF Loader

C++ 146 19 Updated Nov 23, 2025

Xenov-X / csbot

Golang Automation Framework for Cobalt Strike using the Rest API

Go 55 6 Updated Dec 4, 2025

P0142 / LDAP-Bof-Collection

Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.

C 41 3 Updated Dec 15, 2025

bytewreck / DumpGuard

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

C 464 39 Updated Oct 27, 2025

Flangvik / ObfuscatedSharpCollection

Attempt at Obfuscated version of SharpCollection

236 36 Updated Nov 15, 2025

cube0x0 / SharpMapExec

C# 668 123 Updated Nov 17, 2021

kyleavery / inject-assembly

Inject .NET assemblies into an existing process

C 508 74 Updated Jan 19, 2022

REDMED-X / OperatorsKit

Collection of Beacon Object Files (BOF) for Cobalt Strike

C 657 95 Updated Aug 15, 2025

anthemtotheego / InlineExecute-Assembly

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…

C 721 137 Updated Jul 22, 2023

zer0yu / Awesome-CobaltStrike

List of Awesome CobaltStrike Resources

4,335 759 Updated Sep 20, 2023

outflanknl / C2-Tool-Collection

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

C 1,345 214 Updated Oct 27, 2023

N7WEra / BofAllTheThings

Creating a repository with all public Beacon Object Files (BoFs)

551 60 Updated Aug 30, 2023

INotGreen / SharpScan

内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破（SSH、SMB、MsSQL等）、Socks代理，一键自动化+无文件落地扫描

C# 462 50 Updated Nov 20, 2024

gfx-5921 / XGao-1.0

XGao免杀工具可绕过国内常见杀毒，持续更新，请多多关注

33 3 Updated Nov 18, 2025

Flangvik / SharpCollection

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

2,719 380 Updated Nov 15, 2025

GhostPack / Certify

Active Directory certificate abuse.

C# 1,875 269 Updated Oct 27, 2025

GhostPack / Seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

C# 4,406 752 Updated Jan 10, 2025

evilc0deooo / SwaggerHound

自动化检测 Swagger API 接口未授权访问漏洞工具

Python 58 6 Updated Mar 10, 2025

moscovium-mc / CloudRip

A tool that helps you find the real IP addresses hiding behind Cloudflare by checking subdomains.

Python 223 36 Updated Dec 5, 2025

ChatAPT vpxuser

Lists (29)

AD域渗透

Android渗透

BurpSuite插件

C2框架+免杀

Chrome插件

CobaltStrike插件

IMOO破解

IOT渗透

K8s+云服务渗透

LLM安全

Magisk模块

Payload+账号密码字典

POC+EXP集合

RootKit权限维持

Scan指纹+漏洞

SOC安全运营

SSDLC研发安全

vCenter渗透

VPN+代理隧道

Webshell管理

Web漏洞利用

Wx小程序渗透

Xposed模块

基础运维

学习资料

应急响应

日常办公

本地提权

社会工程学

Stars