一个攻防知识仓库 Red Teaming and Offensive Security

Docker官方安装包，用来解决因国内网络无法安装使用Docker的问题

A tool matrix for Russian APTs based on the Ransomware Tool Matrix

Red team Interview Questions

集成了截图 键盘记录 剪贴版功能，用于网络限制场景下的信息搜集

🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

Conference presentation slides

DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your t…

2024中国翻墙软件VPN推荐以及科学上网避坑，稳定好用。对比SSR机场、蓝灯、V2ray、老王VPN、VPS搭建梯子等科学上网与翻墙软件，中国最新科学上网翻墙梯子VPN下载推荐，访问Chatgpt。

精彩小文章，小脚本合集

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

蓝队工具箱

Cobalt Strike HTTPS beaconing over Microsoft Graph API

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

Windows安全基线核查加固助手

Cover various security approaches to attack techniques and also provides new discoveries about security breaches.

🚀Vulfocus 是一个漏洞集成平台，将漏洞环境 docker 镜像，放入即可使用，开箱即用。

API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)

A Python based ingestor for BloodHound

Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers

Reverse Engineer's Toolkit

A variation of ProcessOverwriting to execute shellcode on an executable's section

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities

A curated list of GPT agents for cybersecurity

🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.

微信客户端取证，可获取用户个人信息(昵称/账号/手机/邮箱/数据库密钥(用来解密聊天记录))；支持获取多用户信息，不定期更新新版本偏移，目前支持所有新版本、正式版本

🎭 SBSCAN是一款专注于spring框架的渗透测试工具，可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive inf…

《云安全攻防入门》教材