Highlights
Block or Report
Block or report orangetw
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abuseStars
Language
Sort by: Recently starred
A collection of links related to Korean products hacking
A minimal TLS 1.2 client implementation in a pure Bash script
recon data for public bug bounty programs. due to extreme abuse via automated tools & requests from multiple threat intelligence teams, this project has been archived & moved.
一个支持节点与订阅链接的 Linux 命令行代理工具 | A command-line tool for one-click proxy in your research and development without installing v2ray or anything else (only for linux)
A library for detecting known secrets across many web frameworks
Tiny SHell Go - An open-source backdoor written in Go
A small utility to modify the dynamic linker and RPATH of ELF executables
Proof of concept code for Datadog Security Labs referenced exploits.
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Porting Windows Dynamic Link Libraries to Linux
a "Proof of Concept or GTFO" mirror with an extensive index with also whole issues or individual articles as clean PDFs.
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall
Grafana Unauthorized arbitrary file reading vulnerability
This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
Idapython script to carve binary for internal RPC structures
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Indicators from Amnesty International's investigations
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
Another Windows Local Privilege Escalation from Service Account to System
Windows Privilege Escalation from User to Domain Admin.