A Semantics-Enhanced Learnable Vulnerability Detector

The Havoc Framework

Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

PoC Implementation of a fully dynamic call stack spoofer

Collection of Some Publically Available POC Apps to Detect Root/Magisk presence.

shellcodeloader

A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass…

Gather and update all available and newest CVEs with their PoC.

Tools and Techniques for Red Team / Penetration Testing

Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.

Lenovo Diagnostics Driver EoP - Arbitrary R/W

Tips and Tutorials for Bug Bounty and also Penetration Tests.

PowerShell Ransomware Simulator with C2 Server

非常专业的漏洞POC管理、团队授权化漏洞管理、漏洞验证利用、漏洞批量利用框架。

This map lists the essential techniques to bypass anti-virus and EDR

懒鬼插件/审计过的后的渗透插件/我凭本事打的SESSION凭什么还要我自己动手后渗透？

nim,免杀,红队,shellcode,bypass,apt,bypass-av.

CTF 工具集合

shellcode 生成框架

Open Source Vulnerability schema.

CaveCarver - PE backdooring tool which utilizes and automates code cave technique

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper us…

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.