Hnisec
Follow
Stars
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
利用阿里云oss对象存储,来转发http流量实现(cs)Cobalt Strike、msf 上线等 这之间利用阿里云的相关域名进行通信。
Extract and execute a PE embedded within a PNG file using an LNK file.
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
TrustedSec Sysinternals Sysmon Community Guide
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
Tool for Active Directory Certificate Services enumeration and abuse
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Windows Privilege Escalation from User to Domain Admin.
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive …
A proof-of-concept Remote Desktop (RDP) session hijack utility
Exploit for the vulnerability CVE-2024-43044 in Jenkins
Make BASH stealthy and hacker friendly with lots of bash functions