Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs,…

A little tool to play with Windows security

windows-kernel-exploits Windows平台提权漏洞集合

Defeating Windows User Account Control

Small portable AES128/192/256 in C

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

generate CobaltStrike's cross-platform payload

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9…

CVE-2021-4034 1day

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

The swiss army knife of LSASS dumping

ESP8266 firmware for performing deauthentication attacks, with ease.

Simple reverse ICMP shell

Situational Awareness commands implemented using Beacon Object Files

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

Dirty Cow exploit - CVE-2016-5195

绕3环的shellcode免杀框架

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

HookChain: A new perspective for Bypassing EDR Solutions

添加计划任务方法集合

备考 OSCP 的各种干货资料/渗透测试干货资料

hey！这里用来存放公众号中使用的代码