Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Coba…

Shoggoth: Asmjit Based Polymorphic Encryptor

A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)

A feature rich DLL injection library.

[WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

Android security insights in full spectrum.

CVE-2023-2255 Libre Office

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Spartacus DLL/COM Hijacking Toolkit

Some CTF writeups of CTF problems I really liked

EXP for CVE-2023-28434 MinIO unauthorized to RCE

The Next Generation of Anti-Rookit(ARK) tool for Windows.

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

A (small) web exploit framework

Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()

A memory-based evasion technique which makes shellcode invisible from process start to end.

🤖 Kill The Protected Process 🤖

The framework for building with WebAssembly (wasm). Easily load wasm modules, move data, call functions, and build extensible apps.

windows-rs shellcode loaders

kill anti-malware protected processes ( BYOVD) (Microsoft Won )

A socksv5 proxy tool Written by CLang. 一款纯C实现的基于socks5协议的轻量内网穿透工具，支持ew的全部数据转发方式，支持跨平台使用

🎃 PumpBin is an Implant Generation Platform.

darkPulse是一个用go编写的shellcode Packer，用于生成各种各样的shellcode loader，免杀火绒，360核晶等国内常见杀软。

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

Project for CS460 (Security Laboratory) Spring 2017 at UIUC

Run WPS PIN attacks (Pixie Dust, online bruteforce, PIN prediction) without monitor mode with the wpa_supplicant

Basic reverse shell in C using socket() with complete explanation

算法助手

📚 PUA 书籍

📚 PUA 书籍