Situational Awareness commands implemented using Beacon Object Files

Attack Surface Management Platform

基于Go编写的windows日志分析工具

Pre-Built Vulnerable Environments Based on Docker-Compose

红队 C2 框架，使用 No X Loader 技术。Red Team C2 Framework, using No X Loader technology.

ParadoxiaRat : Native Windows Remote access Tool.

这款工具是一款功能强大的网络安全综合工具，旨在为安全从业者、红蓝对抗人员和网络安全爱好者提供全面的网络安全解决方案。它集成了多种实用功能，包括解密、分析、扫描、溯源等，为用户提供了便捷的操作界面和丰富的功能选择。This tool offers robust network security solutions for professionals and enthusiasts. With …

使用Visral Studio开发ShellCode

Just some random Red Team Scripts that can be useful

Red team Interview Questions

一个有点好用的信息收集工具。A somewhat useful information gathering tool.

C2-下一代RAT

🔑 Decrypt chromium based browsers passwords, cookies, credit cards, history, bookmarks, autofill. Version > 80 is supported.

Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含

🔑 Stealer written on C#, logs will be sent to Telegram bot.

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

Hidedump:a lsassdump tools that may bypass EDR

Dump cookies and credentials directly from Chrome/Edge process memory

PentestNotes

darkPulse是一个用go编写的shellcode Packer，用于生成各种各样的shellcode loader，免杀火绒，360核晶等国内常见杀软。

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

A tool mainly to erase specified records from Windows event logs, with additional functionalities.

ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

BOF to steal browser cookies & credentials

分享红队常用的工具

高危漏洞利用工具

LC（List Cloud）是一个多云攻击面资产梳理工具

Catcher(捕手) 重点系统指纹漏洞验证工具，适用于外网打点，资产梳理漏洞检查。

D(COM) V(ulnerability) S(canner) AKA Devious swiss army knife - Lateral movement using DCOM Objects

Run a Exe File (PE Module) in memory (like an Application Loader)