A lightweight Python tool to clean AI refusal responses from Codex CLI session files

利用 AI 对 LGBT 弱势群体的 "同情偏向" 让他执行原先会被拒绝的请求

[ BOF-LAUNCHER ] -> an API for loading, executing and in-memory masking BOFs on Windows and Linux for use in C/Zig/Go/Rust agents/implants. [ Z-BEAC0N ] -> a custom-written stage-1 (aka pre-C2) sol…

Extract Windows credentials directly from VM memory snapshots and virtual disks

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

A AI general-purpose state-space search engine, validated first on autonomous penetration testing.

Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream.

Helping AI Agent become an awesome practical hacker!

这个工具实现了您提到的所有Windows权限维持技术，包括IFEO镜像劫持、启动项后门、WMI无文件后门、进程注入、DLL劫持、影子用户等。代码结构清晰，文档完整，适合用于安全研究和教育目的。

C2 infrastructure over Microsoft Teams.

《APT Individual Combat Guide》

打造最强的AI安全文档

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

指纹识别、目录扫描，支持主动和被动

A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.

A flexible tool for redirecting a program's TCP, UDP, and DNS traffic to SOCKS5 or HTTP proxies.

🚀 2024-至今 1Day 漏洞 PoC 深度研究与复现归档。涵盖 OA、ERP、安防、数通、大模型及容器等 高价值资产漏洞，实战导向，助力安全研究与合规检测。

网络安全开源图书三部曲

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

一个用于测试文件上传功能安全性的 Burp Suite 插件。通过 Intruder 模块自动生成各类绕过 payload，覆盖常见的文件上传限制场景。共1000+条payload

vshell-firewall is a flexible, high-performance TCP proxy service designed to block fingerprinting and reconnaissance attempts targeting vshell instances, while enabling customizable connection lim…

Burp Suite extension for receiving TLS/HTTP traffic captured by eCapture (eBPF)

A flexible, AI powered C2 framework built with operators in mind

收集一些红队 Dify Workflow。

Godzilla自定义C#程序集加载插件

JavaScript Reverse Tools -- JS逆向工具

【Remain Fix】【测试项目 仍需修复】RexJava 是一个用 Go 语言编写的 Java 序列化流解析库，从 Ruby 的 rex-java 库移植而来。该库专门用于安全研究和渗透测试，能够解析和构建 Java 对象序列化格式的二进制流。Generated By Cursor

JNDI在java高版本的利用工具,FUZZ利用链