Post-exploitation Tool For Windows

A .NET Runtime for Cobalt Strike's Beacon Object Files

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

Collection of Beacon Object Files

Shikata ga nai (仕方がない) encoder ported into go with several improvements

Example nginx backdoor via malicious plugin

Covenant is a collaborative .NET C2 framework for red teamers.

Windows Local Privilege Escalation from Service Account to System

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

tomcat自动化漏洞扫描利用工具，支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938/CNVD-2020-10487 文件包含

HeapDump敏感信息提取工具

PoC for CVE-2024-48990

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

The Network Execution Tool

一款集成高危漏洞exp的实用性工具

CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖，可在win平台使用

✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的，网页UI、跨平台以及多功能的远程控制和监控工具，你可以随时…

一款集成了DLL-Session0注入，APC注入，映射注入，线程劫持，函数踩踏，提权的工具(支持BIN加解密)

Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.

Exploit for the vulnerability CVE-2024-43044 in Jenkins

AWS云平台 AccessKey 泄漏利用工具

一款内网快速打点的辅助性扫描工具，方便红队人员在内网横向移动前期的信息搜集、漏洞探测利用环节的工作开展。其工具特性主要为支持一键化三个档位的便捷式信息与漏洞扫描或每个功能模块单独式扫描探测功能。

vnt server

Redis 4.x/5.x RCE

Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys

NSmartProxy是一款开源的内网穿透工具。采用.NET CORE的全异步模式打造。(NSmartProxy is an open source reverse proxy tool that creates a secure tunnel from a public endpoint to a locally service.)

云环境利用框架（Cloud exploitation framework）主要用来方便红队人员在获得 AK 的后续工作。

xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作，上传，job等相应操作。

AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike