Despite being a robust and secure system, Active Directory (AD) can be considered vulnerable in specific scenarios as it is susceptible to various threats, including external attacks, credential at…

Historical documents (in Chinese) about the GPCR (Thanks Comrade RC MR HR etc.)

Metasploit Framework

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

《Linux提权方法论》

放置我的笔记、搜集、摘录、实践，保持好奇心。看文需谨慎，后果很严重。

Monitor linux processes without root permissions

game of active directory

Oscp study group

A curated list of awesome OSCP resources

Windows Elevation(持续更新)

Six Degrees of Domain Admin

Tools & Interesting Things for RedTeam Ops

A compilation of important commands, files, and tools used in Pentesting

Curated list of project-based tutorials

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

CTF 工具集合

Perfect Blue's CTF Writeups