PoC REXX Script to Help with z/OS System enumeration via OMVS/TSO/JCL.

A simple WireGuard tunnel generation script (to file and QR code)

IPS Suricata2MikroTik -CE- is a module for Suricata to read eve.json file and search specifics alert to block the source. This connect to MikroTik via API to add the IP to block.

Reverse SOCKS5 implementation in Go

Flipper Zero Unleashed Firmware

Slides and Codes used for the workshop Red Team Infrastructure Automation

Big Iron Recon & Pwnage

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

Nidhogg is an all-in-one simple to use rootkit.

z/OS - all things security

A collection of Azure AD/Entra tools for offensive and defensive security purposes

forked from frohoff/ysoserial and added my own payloads.

ysoserial修改版，着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。

That repository contains my updates to the well know java deserialization exploitation tool ysoserial.

Scan vulnerable drivers on Windows with loldrivers.io

A little tool to play with the Seclogon service

CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.

Talks and workshops slides

A C2 framework for initial access in Go

Small and highly portable detection tests based on MITRE's ATT&CK.

Adversary Emulation Framework

Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

a tool to help operate in EDRs' blind spots

Evasive shellcode loader, hooks detector and more

evilginx3 + gophish

Tools and Techniques for Red Team / Penetration Testing

This project aims to compare and evaluate the telemetry of various EDR products.