A curated list of tools for incident response

Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.

eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)

VulPOC 用于记录本人复现过的漏洞

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Project for tracking publicly disclosed DLL Hijacking opportunities.

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…

这是一个基于gh0st远程控制的项目，使自己更深入了解远控的原理，采用VS2017，默认分支hijack还在修改不能执行，master分支的项目可以正常的运行的，你可以切换到该分支查看可以执行的代码

阿里云ECS、策略组辅助小工具

蓝凌OA的前后台密码的加解密工具

Self-developed tools for Lateral Movement/Code Execution

Cyber Security ALL-IN-ONE Platform

goby poc or exp,分享goby最新网络安全漏洞检测或利用代码

A simple and powerful proxy

Command line interface to dump LSASS memory to disk via SilentProcessExit

Java RCE 回显测试代码

955 不加班的公司名单 - 工作 955，work–life balance (工作与生活的平衡)

掩日 - 免杀执行器生成工具

Getting started with static program analysis. 静态程序分析入门教程。

记录自己编写、修改的部分工具

Spring Boot JAR 安全加密运行工具，支持的原生JAR。

平常看到好的渗透hacking工具和多领域效率工具的集合

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

WSDL Parser extension for Burp

Powershell攻击指南----黑客后渗透之道

Asynchronous Password Spraying Tool in C# for Windows Environments

Privilege Escalation Enumeration Script for Windows

Redis RCE 的几种方法

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar…