Starred repositories
Rusty Mimikatz - All credits to: github.com/ThottySploity/mimiRust (Original author deleted account so I uploaded for community use)
Four .soap-format WebShells (continuously updated and maintained). Advantage: they can run from a subdirectory, removing the old limitation of only working from the web root. The four scripts respectively support connecting from cmd.exe, Godzilla (哥斯拉), Behinder (冰蝎) and Tianxie (天蝎) clients.
TheCryingGame / ysogate
Forked from H4cking2theGate/ysogate
Java deserialization / JNDI injection / malicious class generation tool; supports multiple bypasses for newer JDK versions, plus extended exploitation such as command output echo and in-memory shells (memory-resident webshells).
Continuously maintained branch of the Burp Suite passive-scan-client extension, v2024
ISG lets you use YouTube as cloud storage for ANY files, not just video
SoulExtraction is a windows driver library for extracting cert information in windows drivers
xforcered / BokuLoader
Forked from boku7/BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Improved version of EKKO by @5pider that Encrypts only Image Sections
Identify and exploit leaked handles for local privilege escalation.
Collection of PoC and offensive techniques used by the BlackArrow Red Team
Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
Threadless Process Injection using remote function hooking.
Hook all callbacks which are registered with LdrRegisterDllNotification
HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints (HWBP), HalosGate and a synthetic trampoline on kernel32.
Just another ntdll unhooking using Parun's Fart technique
A tool that shows detailed information about named pipes in Windows
Information and PoC about the ENLBufferPwn vulnerability
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
Shellcode loader with an indirect dynamic syscall implementation: shellcode stored in MAC-address format, API resolving from the PEB, and syscall number and syscall instruction address resolved at run time.
Loads a remote AES-encrypted PE into memory, decrypts it and runs it.
This map lists the essential techniques to bypass anti-virus and EDR
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from a suspended process, and from a remote server (fileless).
Bypass userland EDR hooks by loading a reflective ntdll into memory from a remote server, selected by the Windows ReleaseID, to avoid opening a handle to ntdll on disk, and then calling the exported APIs via its export table.