收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1300多个poc/exp，长期更新。

domainQuery是一个用于域名批量解析查询的工具。域名/子域名处理。

Nuclei plugin for BurpSuite

侦查守卫(observer_ward)Web应用和服务指纹识别工具

A Security Tool for Bug Bounty, Pentest and Red Teaming.

reNgine

A Security Tool for Bug Bounty, Pentest and Red Teaming.

An Efficient ProxyPool with Getter, Tester and Server

kunwu是新一代webshell检测引擎，使用了内置了模糊规则、污点分析模拟执行、机器学习三种高效的检测策略

A socksv5 proxy tool Written by CLang. 一款纯C实现的基于socks5协议的轻量内网穿透工具，支持ew的全部数据转发方式，支持跨平台使用

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

通过websocket在IIS8(Windows Server 2012)以上实现socks5代理

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

Cobalt Strike Malleable C2 Design and Reference Guide

A fast sub domain brute tool for pentesters

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Web path scanner

about_cobaltstrike4.4_cdf

cobaltstrike4.5版本破解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等

[WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

generate CobaltStrike's cross-platform payload

Adversary Emulation Framework

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, inst…

Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (AC…

A .NET Runtime for Cobalt Strike's Beacon Object Files

Persistence by writing/reading shellcode from Event Log

A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation