A list of interesting open-source tools
Spring messaging STOMP protocol RCE
Minimal AXIS2 webshell
乌云离线UI
基于 zend_compile_string 的 PHP 加密代码解密工具
非涉密源码
Monthly Backup of awesome-opensource-security
RDP password verification tool - No external libraries required ;-P
常见密码变形方法
Discuz 全自动GetShell 方法#2
滴滴出行风格的城市选择器
*NIX Kernel PatchGuard Implementation
Exploitable drivers, you know what I mean
Monthly Backup of awesome-opensource-security
CDN 网段识别
钓鱼样本,仅截图
Backdooring WordPress with APIs
Consistent Hashing in memcached, a modified version of resty-memcached
利用redis性能探测目录是否存在
Bouncy crypto with AES-256-GCM only
一些没用的后门和病毒样本
Undocumented, not google listed windows internal structure
chrome 扩展例子
An enhanced gitbook TOC plugin
kekeo exploit
CSS Sprite Creator for UNIX systems, public edition has no algorithm on image arrangement.
Reopen the current file and convert from whatever encoding you like to UTF-8
MSbuild.exe Process Injection Tests
Extract and decode pupyrat client configuration
Simple artifact parser
Private NSE scripts
My conky config plus a mpd cover fetcher
静态编译脚本集合
Decrypt connections.dat created with Remote Desktop Organizer
PDB download tool
PXELinux 测试文件
各种安全报告截图,主要是设计比较好的图表
iOS 开发常用代码,Object-C
Malware samples
按行解析,使用 regex 提取字段,并按照指定的名字自动保存为 sqlite
Pcap analysis tool, HTTP parsing
Exchange privilege escalations to Active Directory
Example code to Fuzz WAF rules
Example application for creating multiple desktops on Windows
Publicly released tools/plugins from PPP for DEFCON 25 CTF Finals
Read whatever available from stdin and deliver it to all websocket peers
专注于非越狱环境下iOS应用逆向研究,从dylib注入,应用重签名到App Hook。
Weblogic password decryption, JARs copied from wls12130
Qt lineedit wiget, plus a 'clear' button on the right side.
osx dylib injection
An open-source x64/x32 debugger for windows.
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
Redress - A tool for analyzing stripped Go binaries
🍻 A CLI workflow for the administration of macOS applications distributed as binaries
Internals Viewer for SQL Server
BlackArch Linux Guide for Users and Developers
CVE-2021-26855 exp
Rip sandbox out of chromium project
Linux kernel level anti anti-debug solution
extending IDA's string navigation capabilities
过去写的一些Windows安全研究相关代码
Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
Data migration tool
An archive of DR rootkit
An archive of KBeast
Build a minimal kali ISO for VM recovery purpose
A meterpreter extension for applying hooks to avoid windows defender memory scans
Locate ci.dll!g_CiOptions with C#
Convert IndexedDB to SQLite3 with electron
Weaponizing Gigabyte driver for priv escalation and bypass PPL
This is a place to share my miscellaneous projects.
Batch LKM build tool
A full-fledged high-performance socks5 proxy server written in C#. Plugin support included.
iptables monitoring tool, for conky scripting
The only LNK parser that is compatible with .NET 3.5
Windows, Linux, Mono C# port of the SQLite library
Analysis scripts for Ghidra to work with Android NDK libraries.
Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
BloodHound Data Scanner
private abootimg supporting latest boot.img
https://twitter.com/itsreallynick/status/1120410950430089224
A Python module to bypass Cloudflare's anti-bot page.
Tests and Compares PAC Files
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
Low-level Session Traversal Utilities for NAT (STUN) server
Simple 32/64-bit PEs loader.
penetration testing scripts
Repo for random stuff
EBNF grammar of LLVM IR assembly.
Read local Chrome cookies without root or decrypting
OSX tools/scripts focused on Post-Exploitation capabilities
VirtualBox 3D exploits & PoCs
Mogwai Java Management Extensions (JMX) Exploitation Toolkit
A fully functional DanderSpritz lab in 2 commands
Default router passwords collection - offline edition
Source code for a core component of the iPhone's operating system
Automatically compile latest version of mimikatz with VS express
This project EXTENDS BurpLoader's license. It is NOT intended to replace BurpLoader.
Windows Post-Exploitation / Malware Forward Engineering DEF CON 25 Workshop
PoC of CVE/Exploit
Most usable tools for iOS penetration testing
DEFCON CTF 2017 Stuff of Shit by HITCON
A memory scanning tool which uses mach_vm* to either dump memory or look for a specific sequence of bytes.
UPX - the Ultimate Packer for eXecutables
Python and Machine Learning Workshop at Hack.lu 2017
Proof-of-concept codes created as part of security research done by Google Security Team.
A PowerShell module with several functions for working with Office 365 through PowerShell
UAC 0Day all day!
CVE20178570
Vulnerable OTP/2FA Application written in PHP using Google Authenticator
A .NET Class Library for processing ShellLink (LNK) files
Some helpful preload libraries for pwning stuff.
Our released code for BSidesSF CTF 2017
this is a project anti vm on android
Cross-platform, open-source shellbag parser
Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file
A command line tool for creating malicious outlook rules
.NET anti-managed debugger and anti-profiler code
Tool for reverse engineering macOS/OS X
Bypass CloudFlare with Ruby
Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
windows dbghelp.dll wrapper for js
禁用 family 弹窗功能,以及自动更新
Various PoCs
Android Emulator for mobile security testing
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
RottenPotato local privilege escalation from service account to SYSTEM
Parse and load logs into ElasticSearch
Python wrapper for cdb.exe that can detect and analyze application crashes
android dex extractor ,anti-shell,android 脱壳
security and hacking tools, exploits, proof of concepts, shellcodes, scripts
The program monitors if your default router IP address has changed, in real time
Miscellaneous chromium plugin
VIM code snippets, modified
IIS MetaBase parser
UCenter 辅助脚本, 移植PHP函数到perl. 此模块用于和autopwn交互
Command-line edition of advanced log parser
Minimized / static kernel configurations
Kernel project generator (Linux 2.6+ only)
编程语言 | 排名 | 好于 | 星星数 |
---|---|---|---|
CSS | 524 | 99.05% | 42 |
C | 1917 | 96.34% | 18 |
Java | 1969 | 97.82% | 162 |
C++ | 2253 | 96.21% | 19 |
Python | 3001 | 96.67% | 54 |