Dism++ Multi-language Support & BUG Report

Export disassemblies into Protocol Buffers

Tool to bypass LSA Protection (aka Protected Process Light)

A Python based ingestor for BloodHound

Privilege Escalation Enumeration Script for Windows

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).

轻量级的无害化钓鱼~

复现|漏洞|CVE|CNVD|POC|EXP|0day|1day|nday等相关微信文章收集

powershell 混淆 生成工具

Nuclei POC，每日更新 | 自动整合全网Nuclei的漏洞POC，实时同步更新最新POC，保存已被删除的POC。通过批量克隆Github项目，获取Nuclei POC，并将POC按类别分类存放，使用Github Action实现（已有11wPOC，已校验有效性并去重）

本项目是基于Neo-reGeorg进行二次开发，对PHP木马添加了AES加密，修改了请求体和响应体特征

reGeorg的特殊版本，适用于老版本weblogic。

Cobalt Strike HTTPS beaconing over Microsoft Graph API

A Pin Tool for tracing API calls etc

A byte code analyzer for finding deserialization gadget chains in Java applications

Knowledge Base 慢雾安全团队知识库

一个各种方式突破Disable_functions达到命令执行的shell

基于Frida的脱壳工具

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

2022 护网行动 POC 整理

2021 hw

2021hvv漏洞汇总

CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

统一管理和挂载云存储设施/Unified management and mounting of cloud storage facilities

POC&EXP仓库、hvv弹药库、Nday、1day

iDefender（冰盾 - 终端主动防御系统）

一个基于jvm-sandbox高度定制化rasp

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

Silently Install Chrome Extension For Persistence