SaiRson's Projects
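Windows and Linux baseline checks, with accompanying automated check scripts. Entirely hand-typed.
A handbook that collects and categorizes red-team-oriented GitHub tools / resources by use case / tag, aiming to lower the technical barrier to red teaming [continuously updated]
Personal study notes on domain penetration testing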
Alternative Shellcode Execution Via Callbacks
🐜🐜🐜 ants is a high-performance and low-cost goroutine pool in Go, inspired by fasthttp.
An out-of-the-box solution to quickly build enterprise-level applications based on Arco Design.
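Backup of the official ARL repository: ARL (Asset Reconnaissance Lighthouse) is a system designed to quickly reconnoiter the internet assets associated with a target and build a baseline asset information store. It helps in-house security teams and penetration testers effectively reconnoiter and search assets and discover existing weak points and attack surface.
A vulnerability-hunting helper tool that provides automated vulnerability scanning and instant notifications, using OneForAll for subdomain collection, the Shodan API for port scanning, Xray for vulnerability fuzzing, and ServerChan (Server酱) for alerts
This is just a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010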
List of Awesome Red Teaming Resources
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Malicious code evasion source code http://payloads.online
It's a Go variant of Hell's Gate! (directly calling Windows kernel functions, but from Go!)
Beacon.dll reverse
not a reverse-engineered version of the Cobalt Strike Beacon
🌩 The best Chinese-language README template ⚡️ Best README template
Code samples for No Starch Press Black Hat Go
Chinese translation of "Black.Hat.Go"
Six Degrees of Domain Admin
Cross-platform remote control tool for red team vs. blue team exercises
Bruteratel
bypass BeaconEye
A brand-new sensitive file discovery tool
Pure C++, weaponized, fully automated implementation of RottenPotatoNG
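Generates a new self-signed certificate based on the information in a known website's SSL certificate; apart from the certificate being untrusted, the rest of the information looks essentially identical.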
PowerShell Script Obfuscator
:fire: CHAOS is a free and open-source Remote Administration Tool that allows generating binaries to control remote operating systems.
c++ fully undetected shellcode launcher ;)
"The Go Programming Tour: Building Projects with Go Together", Chapter 4: Chat Room
A fast TCP/UDP tunnel over HTTP