A python tool used to discover endpoints for a given target

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

A cheat sheet that contains advanced queries for SQL Injection of all types.

Portable Executable reversing tool with a friendly GUI

A small reverse shell for Linux & Windows

Exploit for CVE-2022–22718 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

Collection of Scripts for shodan searching stuff.

A simple python packer to easily bypass Windows Defender

Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.

.NET, PE, & Raw Shellcode Packer/Loader Written in Nim

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

Cobalt Strike Malleable C2 Design and Reference Guide

Apache Log4j 远程代码执行

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

A .NET Runtime for Cobalt Strike's Beacon Object Files

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

Exploit allowing you to read registry hives as non-admin

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

Checklist for pentests, handy commands for to remembers, and a few tools to work on here and there. Far from complete!

PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github

Proof of Concept Exploit for vCenter CVE-2021-21972

Simple shell script for automated domain recognition with some tools

This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.

Miscellaneous Tools

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

💻 Elevate, UAC bypass, persistence, privilege escalation, dll hijack techniques