r0fus0d

PostgreSQL 提权辅助脚本

https://github.com/CocoHall/xiaSql 的魔改版

用于备份一些软件安装包

域信息收集工具

一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗

用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入

将 BreakOnTermination 设置为 1

弱口令爆破工具。Weak Password Blaster Tool.

No description.

测误报

一个LDAP请求监听器，摆脱dnslog平台

一款办公应用云凭证利用工具

A tool for browser recovery

一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

No description.

No description.

后渗透用 rabbitmq 取数

PoC Exploit for the NTLM reflection SMB flaw.

No description.

一款代码审计辅助插件

An incredibly fast proxy checker & IP rotator with ease.

Active Directory information dumper via LDAP

Run code from memory

Optimized implementation for color-icon-matrix barcodes

No description.

二开 ruler

No description.

Log ALPC activity

Log4j2 RCE Passive Scanner plugin for BurpSuite

Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207

对权限绕过自动化bypass的burpsuite插件

Exploit tool implemented using ebpf.

魔改shadowsocks，实现socks5内网穿透。

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

无环境依赖开箱即用的代理IP池

AI 驱动的后渗透综合管理平台，深度集成 LLM Agent，开箱即用。

No description.

No description.

An agentic skills framework & software development methodology that works.

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

No description.

Agent skills for solving CTF challenges - web exploitation, binary pwn, crypto, reverse engineering, forensics, OSINT, and more

Claude Code 免杀 SubAgents

Curated list of resources on HashiCorp's Terraform and OpenTofu

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

A collection of awesome penetration testing resources, tools and other shiny things

将 Cursor API 转换为 OpenAI/Anthropic 兼容格式的代理服务。

No description.

GodzillaNodeJsPayload

No description.

No description.

金蝶星空云反序列化漏洞内存马

xxl-job内存马

Memshell

WSUS Unauthenticated RCE

Proof-of-concept for CVE-2025-49844

rocketmq 取数据

This is the tool to dump the LSASS process on modern Windows 11

No description.

反调试破除者--AntiDebug_Breaker

后渗透 kafka 取数

基于yolov8+孪生网络识别验证码的ICP备案查询程序。从工业和信息化部政务服务平台查询实时数据，高精度过验证码

PoC for Dirty COW (CVE-2016-5195)

Lateral Movement Bof with MSI ODBC Driver Install

一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.

Binary Hollowing

OneScan 是一款用于递归目录扫描的 BurpSuite 插件

No description.

Copy/paste detector for programming source code.

Another Windows Local Privilege Escalation from Service Account to System

This tool is an automated PWN exploitation framework designed for CTF competitions and binary vulnerability exploitation. It integrates various exploitation techniques such as stack overflow and format string attacks, supporting automated analysis and exploitation for both 32-bit and 64-bit programs.

🔍 LibcSearcher-ng -- get symbols' offset in glibc.

用Go编写的轻量文件监控器. 可以监控终端上指定文件夹内的变化, 阻止删除,修改,新增操作. 可以用于AWD比赛或者终端应急响应

PEDA - Python Exploit Development Assistance for GDB

Some new commands debug heap for peda

This project provides some code examples of Zig for malwares, hacking, and red teaming. ⚡

🐱 rules-dat for mihomo

No description.

A flexible scanner

Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!

世界上本来不存在加密，加密的人多了，也便成就了解密

No description.

Java 内存马开聚会 🎉

C#快速添加删除mssql用户小工具

An even funnier way to disable windows defender. (through WSC api)

目标是成为当下最完善的API挖掘工具，实现自动提取响应敏感信息、URI信息，并且对URI进行自动|手动递归检查

JDumpSpiderGUI 是一个用于 Java 堆转储文件分析的工具，支持命令行和 JavaFX 图形界面两种模式。该工具主要是在原工具上添加了图形化的界面

GodInfo 是一个功能全面的后渗透信息和凭据收集工具，旨在帮助安全测试人员在获得授权访问权限后，快速收集目标系统的信息和凭据。

Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

综合后渗透方面的杂烩

JavaPassDump

Bookit / Windows Login Password and Bitlocker Bypass Tool

本Burp Suite插件专为文件上传漏洞检测设计，提供自动化Fuzz测试，共300+条payload。

This project wraps the WeChat OCR functionality from the excellent wechat-ocr project into a simple REST API service that can be easily deployed using Docker. It allows you to perform optical character recognition on images by leveraging WeChat's powerful OCR capabilities.

No description.

Windows 7 API Extensions

.wxapkg analysis tool for macOS

Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.

A Firefox and Google Chrome extension to clip websites and download them into a readable markdown file.

一个浏览器数据（密码|历史记录|Cookie|书签|下载记录）的导出工具，支持主流浏览器。

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Burp插件，快速探测可能存在SQL注入的请求并标记，提高测试效率

《APT Individual Combat Guide》

daydayExp的漏洞POC仓库，慢慢更新...

一个半自动化springboot打点工具，内置目前springboot所有漏洞

Extract and execute a PE embedded within a PNG file using an LNK file.

The Network Execution Tool

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

一款基于 gopacket 编写的 ICMP 反弹 shell 工具

快速测试是否存在FastAdmin框架相关漏洞

DoS tool for HTTP requests (inspired by hulk but has more functionalities)

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Sharp Wifi Password Grabber retrieves in clear-text the Wi-Fi Passwords from all WLAN Profiles saved on a workstation.

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

BloodyAD is an Active Directory Privilege Escalation Framework

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

Redis 漏洞利用工具

A technique for Active Directory domain persistence

No description.

多组件客户端

Demo/test android app for libcimbar. Copy files over the cell phone camera!

集权设施扫描器

Jenkins凭据解密脚本，增加对publish_over_ssh插件支持

Exploit for the vulnerability CVE-2024-43044 in Jenkins

轻量化全方位扫描器

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

注入JVM进程 动态获取目标进程连接的数据库

Get sql server connection configuration information

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

TCP connection hijacker, Rust rewrite of shijack

火绒剑独立版

Forkstat is a program that logs process fork(), exec() and exit() activity. It is useful for monitoring system behaviour and to track down rogue processes that are spawning off processes and potentially abusing the system.

DecryptTools-综合解密

一个能快速开启和关闭匿名SMB共享的红队脚本

解析netsh抓取的etl文件来定位windows主机上存在ICMP通信的进程与文件的小工具

A tool to capture communication between Chromium processes on Windows

Nacos Derby命令执行漏洞利用脚本

No description.

JeecgBoot综合漏洞利用工具

This is to enable 60fps and GPU acceleration on RDP connection

Kerberos unconstrained delegation abuse toolkit

PortBender修改为exe版本

A tool to abuse Exchange services

golang 实现的windows and linux 端口复用工具。

修改利用方式为通过对Sleeping的线程发送单步执行事件，达成断点，从而可以直接获取上下文、执行命令，而不用等待断点被击中。

JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021

一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.

No description.

a weak weak pass tool

CVE-2021-1732 Exploit

TCP Port Redirection Utility

一款支持高度自定义的 Java 回显载荷生成工具

分割小工具，可分割木马，一键生成写入、合并、追加命令

Tools for compiling many Go commands into one binary to save space. Builds are supported in vendor-based Go, module-based Go, and bazel with Starlark.

一个支持节点与订阅链接的 Linux 命令行代理工具 | A command-line tool for one-click proxy in your research and development without installing v2ray or anything else (only for linux)

shiro综合利用工具

三网回程路由测试

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。

一款golang编写的，批量检测frp server未授权访问、弱token的工具

No description.

Mihomo Dashboard, The Official One, XD

A simple Python Pydantic model for Honkai: Star Rail parsed data from the Mihomo API.

Find and verify credentials

A powerful browser crawler for web vulnerability scanners

A next-generation crawling and spidering framework.

nysm is a stealth post-exploitation container.

RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.

基于已知网站 ssl 证书的信息生成新的自签名证书，除了证书是不被信任的以外，其他的信息看上去基本一致，用于伪装流量。

Automated upstream mirror for bpftool stand-alone build.

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.

Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)

No description.

generate CobaltStrike's cross-platform payload

Pingtunnel is a tool that send TCP/UDP traffic over ICMP

A simple and powerful proxy

A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.

A tool for reverse engineering Android apk files

macOS Initial Access Payload Generator

📥 A Telegram downloader/tools written in Golang

👾 Fast and simple video download library and CLI tool written in Go

HaE - Highlighter and Extractor, 赋能白帽 高效作战

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

No description.

Coerce Windows machines auth via MS-EVEN

CVE-2023-2023

The tool used to extract the information from databases quickly.

红帆ioffice密码解密工具

portreuse reuseport 端口复用

Registry API 未授权访问漏洞利用

windows pc端wxpkg文件解密（非解包）

PC微信小程序 wxapkg 解密

WeblogicScan一键检测

大华智慧园区系统sso_initsession文件上传批量脚本

Java Source Code Obfuscator（java源代码混淆器）

📦 Make security testing of K8s, Docker, and Containerd easier.

netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

一款简单的qvm管理工具

通过WindowsAPI获取用户凭证，并保存到文件中