javaeasyscanner - 富婆系列，代码审计辅助工具，致力于解放大脑，方便双手

Pre-Built Vulnerable Environments Based on Docker-Compose

Awesome EDR Bypass Resources For Ethical Hacking

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

SpringBootAdmin-thymeleaf-SSTI which can cause RCE

Burp suite 分块传输辅助插件

xray+rad批量主动扫描

利用预训练语言模型从非结构化威胁报告中提取 MITRE ATT&CK TTP 信息

A collection of malware samples and relevant dissection information, most probably referenced from https://blog.inquest.net

收集的文章 https://mrwq.github.io/tools/paper/

从零开始内网渗透学习

对权限绕过自动化bypass的burpsuite插件

Extracts cookies from Chrome.

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

dockerfile of CTF web practices

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)

Syscall免杀

Red Teaming Tactics and Techniques

Dockerized CTF web challenges.

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

Malware samples, analysis exercises and other interesting resources.

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）

List of Awesome CobaltStrike Resources

API字典,API爆破字典

A list of useful payloads and bypass for Web Application Security and Pentest/CTF