A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁（我已经看到了，撤回也没用了）

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exc…

Flash浏览器 / Flash Browser

😉 用于在插上U盘后自动按需复制该U盘的文件。”备份&偷U盘文件的神器”（写作USBCopyer，读作USBCopier）

An Implementation of NTQQ Protocol, with Pure C#, Derived from Konata.Core

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

这是一个抓取浏览器密码的工具，后续会添加更多功能

A method of bypassing EDR's active projection DLL's by preventing entry point exection

Hunts out CobaltStrike beacons and logs operator command output

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…

Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能

Cobalt Strike Shellcode Generator

A simple shell code encryptor/decryptor/executor to bypass anti virus.

C# Based Universal API Unhooker

DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…

js免杀shellcode，绕过杀毒添加自启

AmsiScanBufferBypass using D/Invoke

一个cobaltstrike shellcode加载器，过国内主流杀软

Command line & PPID spoofing