t43wiu6 Goto Github PK
Name: t43M!ne
Type: User
Company: @Nu11P0int3s @Ouroboros-SEC
Bio: Just a Lousy RedTeamer&ThreatHunter
Twitter: t4377179214
Location: Earth
Name: t43M!ne
Type: User
Company: @Nu11P0int3s @Ouroboros-SEC
Bio: Just a Lousy RedTeamer&ThreatHunter
Twitter: t4377179214
Location: Earth
Trying to tame the three-headed dog.
Security Conference Archive
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
SMBExec C# module
Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.
C# Data Collector for the BloodHound Project, Version 3
NetBIOS scanning tool written in c#
在内网渗透过程中,对可以出网的机器是十分渴望的。在收集大量弱口令的情况下,一个一个去测试能不能出网太麻烦了。所以就有了这个工具,可配合如wmiexec、psexec等横向工具进行批量检测,该工具可以在dnslog中回显内网ip地址和计算机名,可实现内网中的快速定位可出网机器。
Use to check the valid account of the Remote Desktop Protocol(Support plaintext and ntlmhash)
.NET Project for Attacking vCenter
SharpSploit is a .NET post-exploitation library written in C#
内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。
.NET project for installing Persistence
SharpUp is a C# port of various PowerUp functionality.
Code Review of tevora-threat's PowerView
使用纯C/C++编写的ShellCode生成框架
Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
注入SSHD进程并记录ssh登录的密码
Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang
Project aimed at creating a malware able to evolve and adapt to the various host machines through metamorphic modifications, spontaneous mutations, code imitation and DNA programming to enable/disable functionalities
A Swagger API Exploit
一个多功能的端口转发/端口复用工具,支持转发本地或远程地址的端口,支持正则表达式转发(实现端口复用)。
AV/EDR evasion via direct system calls.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.