https://github.com/taielab/awesome-hacking-lists
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
List: awesome-hacking-lists
- Host: GitHub
- URL: https://github.com/taielab/awesome-hacking-lists
- Owner: taielab
- Created: 2020-06-12T09:16:28.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2025-03-26T12:46:33.000Z (about 1 year ago)
- Last Synced: 2025-04-13T22:01:55.498Z (about 1 year ago)
- Topics: agents, ai, aiagent, awesome-list, bounty-hunters, bug-bounty, bugbounty, bugbounty-tool, hacker, hacking, hacking-tool, hacking-tools, kali-scripts, llm, llm-inference, mcp, mcp-server, pentest-scripts, pentesting-tools, web
- Homepage:
- Size: 6.43 MB
- Stars: 1,081
- Watchers: 30
- Forks: 229
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- ultimate-awesome - awesome-hacking-lists - A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit! (Other Lists / TeX Lists)
- awesome - taielab/awesome-hacking-lists - A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit! (miscellaneous)
README
# Awesome Stars [awesome](https://github.com/sindresorhus/awesome)
> A curated list of my GitHub stars! Generated by [starred](https://github.com/maguowei/starred).
## Contents
- [ASL](#asl)
- [ASP.NET](#asp.net)
- [ActionScript](#actionscript)
- [Ada](#ada)
- [Arduino](#arduino)
- [Assembly](#assembly)
- [AutoHotkey](#autohotkey)
- [AutoIt](#autoit)
- [Batchfile](#batchfile)
- [BitBake](#bitbake)
- [Blade](#blade)
- [BlitzBasic](#blitzbasic)
- [Boo](#boo)
- [C](#c)
- [C#](#c#)
- [C++](#c++)
- [CMake](#cmake)
- [CSS](#css)
- [Classic ASP](#classic-asp)
- [Clojure](#clojure)
- [CodeQL](#codeql)
- [ColdFusion](#coldfusion)
- [Dart](#dart)
- [Dockerfile](#dockerfile)
- [Emacs Lisp](#emacs-lisp)
- [Erlang](#erlang)
- [F#](#f#)
- [Fluent](#fluent)
- [FreeMarker](#freemarker)
- [Go](#go)
- [Groovy](#groovy)
- [HCL](#hcl)
- [HTML](#html)
- [Hack](#hack)
- [Haskell](#haskell)
- [Inno Setup](#inno-setup)
- [Java](#java)
- [JavaScript](#javascript)
- [Jinja](#jinja)
- [Jupyter Notebook](#jupyter-notebook)
- [KiCad Layout](#kicad-layout)
- [Kotlin](#kotlin)
- [LLVM](#llvm)
- [Logos](#logos)
- [Lua](#lua)
- [MATLAB](#matlab)
- [Makefile](#makefile)
- [Markdown](#markdown)
- [Mask](#mask)
- [Max](#max)
- [Mustache](#mustache)
- [NSIS](#nsis)
- [Nginx](#nginx)
- [Nim](#nim)
- [Nix](#nix)
- [Nunjucks](#nunjucks)
- [OCaml](#ocaml)
- [Objective-C](#objective-c)
- [Objective-C++](#objective-c++)
- [Open Policy Agent](#open-policy-agent)
- [Others](#others)
- [PHP](#php)
- [PLpgSQL](#plpgsql)
- [Pascal](#pascal)
- [Perl](#perl)
- [PostScript](#postscript)
- [PowerShell](#powershell)
- [Propeller Spin](#propeller-spin)
- [Pug](#pug)
- [Python](#python)
- [QMake](#qmake)
- [REXX](#rexx)
- [Rascal](#rascal)
- [Rich Text Format](#rich-text-format)
- [Roff](#roff)
- [Ruby](#ruby)
- [Rust](#rust)
- [SCSS](#scss)
- [Sage](#sage)
- [SaltStack](#saltstack)
- [Scala](#scala)
- [Scheme](#scheme)
- [Shell](#shell)
- [Smali](#smali)
- [Smarty](#smarty)
- [Solidity](#solidity)
- [SourcePawn](#sourcepawn)
- [Starlark](#starlark)
- [Svelte](#svelte)
- [Swift](#swift)
- [TSQL](#tsql)
- [Tcl](#tcl)
- [TeX](#tex)
- [TypeScript](#typescript)
- [VBA](#vba)
- [VBScript](#vbscript)
- [VCL](#vcl)
- [Vim Script](#vim-script)
- [Visual Basic](#visual-basic)
- [Visual Basic .NET](#visual-basic-.net)
- [Vue](#vue)
- [XSLT](#xslt)
- [YAML](#yaml)
- [YARA](#yara)
- [Zeek](#zeek)
- [Zig](#zig)
- [nesC](#nesc)
- [templ](#templ)
## ASL
- [postgres-cn/pgdoc-cn](https://github.com/postgres-cn/pgdoc-cn) - PostgreSQL manual Chinese translation by China PostgreSQL Users Group
## ASP.NET
- [Jean-Francois-C/Webshell-Upload-and-Web-RCE-Techniques](https://github.com/Jean-Francois-C/Webshell-Upload-and-Web-RCE-Techniques) - Classic Web shell upload techniques & Web RCE techniques
## ActionScript
- [appsecco/json-flash-csrf-poc](https://github.com/appsecco/json-flash-csrf-poc) - This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
## Ada
- [PatrikFehrenbach/amass-tools](https://github.com/PatrikFehrenbach/amass-tools) -
## Arduino
- [UnicycleDumpTruck/MissionControl](https://github.com/UnicycleDumpTruck/MissionControl) - This kids' homework desk has a top that flips up to reveal a space-themed control panel.
- [spacehuhn/wifi_keylogger](https://github.com/spacehuhn/wifi_keylogger) - DIY Arduino Wi-Fi Keylogger (Proof of Concept)
## Assembly
- [enkomio/AlanFramework](https://github.com/enkomio/AlanFramework) - A C2 post-exploitation framework
- [MortenSchenk/Token-Stealing-Shellcode](https://github.com/MortenSchenk/Token-Stealing-Shellcode) -
- [xenoscr/SysWhispers2](https://github.com/xenoscr/SysWhispers2) - AV/EDR evasion via direct system calls.
- [timwhitez/Doge-Direct-Syscall](https://github.com/timwhitez/Doge-Direct-Syscall) - Golang Direct Syscall
- [klezVirus/inceptor](https://github.com/klezVirus/inceptor) - Template-Driven AV/EDR Evasion Framework
- [guitmz/memrun](https://github.com/guitmz/memrun) - Small tool to run ELF binaries from memory with a given process name
- [DownWithUp/DynamicKernelShellcode](https://github.com/DownWithUp/DynamicKernelShellcode) - An example of how x64 kernel shellcode can dynamically find and use APIs
- [mai1zhi2/SysWhispers2_x86](https://github.com/mai1zhi2/SysWhispers2_x86) - X86 version of syswhispers2 / x86 direct system call
- [jthuraisamy/SysWhispers2](https://github.com/jthuraisamy/SysWhispers2) - AV/EDR evasion via direct system calls.
- [Cybereason/siofra](https://github.com/Cybereason/siofra) -
- [mytechnotalent/Reverse-Engineering](https://github.com/mytechnotalent/Reverse-Engineering) - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
- [jjyr/jonesforth_riscv](https://github.com/jjyr/jonesforth_riscv) - Jonesforth RISC-V port.
- [vxunderground/MalwareSourceCode](https://github.com/vxunderground/MalwareSourceCode) - Collection of malware source code for a variety of platforms in an array of different programming languages.
- [antonioCoco/Mapping-Injection](https://github.com/antonioCoco/Mapping-Injection) - Just another Windows Process Injection
- [jthuraisamy/SysWhispers](https://github.com/jthuraisamy/SysWhispers) - AV/EDR evasion via direct system calls.
- [tinysec/windows-syscall-table](https://github.com/tinysec/windows-syscall-table) - windows syscall table from xp ~ 10 rs4
## AutoHotkey
- [xianyukang/MyKeymap](https://github.com/xianyukang/MyKeymap) - A keyboard remapping tool based on AutoHotkey
- [goreliu/runz](https://github.com/goreliu/runz) - RunZ, a professional quick-launch tool
- [kookob/smpic](https://github.com/kookob/smpic) - An upload tool for the SM.MS image host, for Windows
## AutoIt
- [WildByDesign/ACLViewer](https://github.com/WildByDesign/ACLViewer) - ACL Viewer for Windows
## Batchfile
- [lxgw/LxgwWenKai](https://github.com/lxgw/LxgwWenKai) - An open-source Chinese font derived from Fontworks' Klee One.
- [gsuberland/lbfo_win10](https://github.com/gsuberland/lbfo_win10) - Re-enable NIC teaming (LBFO) in Windows 10 using components from Windows Server.
- [SkyBlueEternal/jdk-change](https://github.com/SkyBlueEternal/jdk-change) - Supports Windows/Linux/macOS | one-click switching between JDK versions
- [0xbinibini/emergency_response_batch](https://github.com/0xbinibini/emergency_response_batch) - Incident response: an incident-response batch script that bundles the Windows commands for viewing logs, users, ports and so on into one batch file, so that experienced responders can skip repeated typing and memorization. It reads a configuration file to call Windows' built-in commands to terminate processes and services. The script avoids calling external tools wherever possible; any external tools it does use are kept in the plugin directory and can be used as needed, the aim being to do the work with the most native command line possible.
- [SoraShu/easyconn-socks5-for-HITsz](https://github.com/SoraShu/easyconn-socks5-for-HITsz) - Runs EasyConnect on a server and sets up a SOCKS5 proxy so that a Windows PC can reach the campus intranet without installing EasyConnect.
- [r00t4dm/CVE-2020-27955](https://github.com/r00t4dm/CVE-2020-27955) -
- [swagkarna/Defeat-Defender-V1.2.0](https://github.com/swagkarna/Defeat-Defender-V1.2.0) - Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
- [wafinfo/cobaltstrike](https://github.com/wafinfo/cobaltstrike) - Cobalt Strike plugins
- [chroblert/JC-jEnv](https://github.com/chroblert/JC-jEnv) - windows java environ manage
- [massgravel/Microsoft-Activation-Scripts](https://github.com/massgravel/Microsoft-Activation-Scripts) - Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
- [sagishahar/lpeworkshop](https://github.com/sagishahar/lpeworkshop) - Windows / Linux Local Privilege Escalation Workshop
- [maguowei/k8s-docker-desktop-for-mac](https://github.com/maguowei/k8s-docker-desktop-for-mac) - Enable and use Kubernetes in Docker Desktop for Mac
- [ihacku/winhardening](https://github.com/ihacku/winhardening) - Windows hardening script
- [frizb/Windows-Privilege-Escalation](https://github.com/frizb/Windows-Privilege-Escalation) - Windows Privilege Escalation Techniques and Scripts
- [acgbfull/IBM_Appscan_Batch_Scan_Script](https://github.com/acgbfull/IBM_Appscan_Batch_Scan_Script) - IBM AppScan batch scanning script
- [crazywifi/RDP_SessionHijacking](https://github.com/crazywifi/RDP_SessionHijacking) - Passwordless RDP Session Hijacking
- [mxk/windows-secure-group-policy](https://github.com/mxk/windows-secure-group-policy) - Windows 11 secure group policy for standalone devices
- [so87/CISSP-Study-Guide](https://github.com/so87/CISSP-Study-Guide) - study material used for the 2018 CISSP exam
- [Tai7sy/fuckcdn](https://github.com/Tai7sy/fuckcdn) - CDN real-IP scanner, developed in Easy Language (易语言)
- [NextronSystems/APTSimulator](https://github.com/NextronSystems/APTSimulator) - A toolset to make a system look as if it was the victim of an APT attack
- [auspbro/domain-admin-crack](https://github.com/auspbro/domain-admin-crack) - :cactus: Local privilege escalation for users of domain-joined computers
- [bartblaze/Disable-Intel-AMT](https://github.com/bartblaze/Disable-Intel-AMT) - Tool to disable Intel AMT on Windows
- [NuclearPhoenixx/fake-sandbox](https://github.com/NuclearPhoenixx/fake-sandbox) - 👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
- [wzulfikar/ngrok-caddy](https://github.com/wzulfikar/ngrok-caddy) - Script to run ngrok with (optional) caddy server
## BitBake
- [xer0times/BugBounty](https://github.com/xer0times/BugBounty) - Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
## Blade
- [dbarzin/mercator](https://github.com/dbarzin/mercator) - Mapping the information system
## BlitzBasic
- [Sy3Omda/burp-bounty](https://github.com/Sy3Omda/burp-bounty) - Burp Bounty profiles
- [six2dez/burp-bounty-profiles](https://github.com/six2dez/burp-bounty-profiles) - Burp Bounty profiles compilation, feel free to contribute!
- [PortSwigger/scan-check-builder](https://github.com/PortSwigger/scan-check-builder) - Burp Bounty is an extension of Burp Suite that lets you improve the active and passive scanner yourself. This extension requires Burp Suite Pro.
- [1N3/IntruderPayloads](https://github.com/1N3/IntruderPayloads) - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
- [ghsec/BBProfiles](https://github.com/ghsec/BBProfiles) - Burp Bounty (Scan Check Builder in the BApp Store) is an extension of Burp Suite that lets you improve the active and passive scanner yourself. This extension requires Burp Suite Pro.
## Boo
- [byt3bl33d3r/SILENTTRINITY](https://github.com/byt3bl33d3r/SILENTTRINITY) - An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
## C
- [ImKKingshuk/RootShield](https://github.com/ImKKingshuk/RootShield) - RootShield : The Ultimate Shield for Rooted Android Devices - Protect your rooted Android device from unauthorized file operations and process executions! 🛡️ RootShield is a powerful kernel module tha
- [google/security-research](https://github.com/google/security-research) - This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
- [linktools-toolkit/linktools](https://github.com/linktools-toolkit/linktools) - A collection of commonly used functions from mobile vulnerability analysis and compliance scanning, provided as a Python library
- [varwara/CVE-2024-35250](https://github.com/varwara/CVE-2024-35250) - PoC for the Untrusted Pointer Dereference in the ks.sys driver
- [hengyoush/kyanos](https://github.com/hengyoush/kyanos) - Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient.
- [wangfly-me/LoaderFly](https://github.com/wangfly-me/LoaderFly) - Helps every red-team member quickly generate AV-evading trojans
- [gianlucaborello/libprocesshider](https://github.com/gianlucaborello/libprocesshider) - Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
- [paokuwansui/Antivirus_killer](https://github.com/paokuwansui/Antivirus_killer) - Evades mainstream antivirus software
- [P001water/yuze](https://github.com/P001water/yuze) - A SOCKS5 proxy tool written in C. A lightweight intranet tunneling tool implemented in pure C, supporting forward and reverse SOCKS5 proxy tunnels and cross-platform use.
- [OracleNep/Nday-Exploit-Plan](https://github.com/OracleNep/Nday-Exploit-Plan) - A collection of details and exploitation methods for historical vulnerabilities
- [iridium-soda/container-escape-exploits](https://github.com/iridium-soda/container-escape-exploits) - A collection of container-escape vulnerabilities and exploits.
- [baiyies/AutoMonitor](https://github.com/baiyies/AutoMonitor) - Windows automatic monitoring screenshot tool.
- [h4ckm310n/Container-Vulnerability-Exploit](https://github.com/h4ckm310n/Container-Vulnerability-Exploit) - Analysis and reproduction of container security vulnerabilities
- [m0nad/Diamorphine](https://github.com/m0nad/Diamorphine) - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
- [PolarPeak/NIDS](https://github.com/PolarPeak/NIDS) - A simple Suricata-based network intrusion detection system; also my throwaway graduation project, currently just a demo.
- [evilashz/PigScheduleTask](https://github.com/evilashz/PigScheduleTask) - A collection of methods for adding scheduled tasks
- [kernweak/minicrypt](https://github.com/kernweak/minicrypt) - Encryption and decryption based on MiniFilter and Sfilter
- [esnet/iperf](https://github.com/esnet/iperf) - iperf3: A TCP, UDP, and SCTP network bandwidth measurement tool
- [qwqdanchun/HVNC](https://github.com/qwqdanchun/HVNC) - HVNC derived from a fixed-up Tinynuke
- [baidu/dperf](https://github.com/baidu/dperf) - dperf is a 100Gbps network load tester.
- [H4K6/CVE-2023-0179-PoC](https://github.com/H4K6/CVE-2023-0179-PoC) - Exploit for CVE-2023-0179. The vulnerability, assigned CVE-2023-0179, affects all Linux versions from 5.5 to 6.2-rc3 and was tested on 6.1.6. Details of the vulnerability and the write-up can be found on os-security.
- [Impalabs/CVE-2023-27326](https://github.com/Impalabs/CVE-2023-27326) - VM Escape for Parallels Desktop <18.1.1
- [libAudioFlux/audioFlux](https://github.com/libAudioFlux/audioFlux) - A library for audio and music analysis, feature extraction.
- [chompie1337/Windows_LPE_AFD_CVE-2023-21768](https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768) - LPE exploit for CVE-2023-21768
- [xforcered/Windows_LPE_AFD_CVE-2023-21768](https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768) - LPE exploit for CVE-2023-21768
- [Esonhugh/sshd_backdoor](https://github.com/Esonhugh/sshd_backdoor) - /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
- [brosck/Pingoor](https://github.com/brosck/Pingoor) - 「🚪」Linux Backdoor based on ICMP protocol
- [nelhage/reptyr](https://github.com/nelhage/reptyr) - Reparent a running program to a new terminal
- [itm4n/PPLdump](https://github.com/itm4n/PPLdump) - Dump the memory of a PPL with a userland exploit
- [zh-explorer/dirtycow](https://github.com/zh-explorer/dirtycow) - exploit for dirtycow
- [Coldzer0/ReverseSock5Proxy](https://github.com/Coldzer0/ReverseSock5Proxy) - A tiny Reverse Sock5 Proxy written in C :V
- [Cerbersec/KillDefenderBOF](https://github.com/Cerbersec/KillDefenderBOF) - Beacon Object File PoC implementation of KillDefender
- [seventeenman/noELF](https://github.com/seventeenman/noELF) - Remotely loads executables on Linux to achieve in-memory loading
- [Kevin-sa/ebpf-supply-chain](https://github.com/Kevin-sa/ebpf-supply-chain) - Uses eBPF to detect malicious PyPI packages
- [yukar1z0e/cloudswordtsh](https://github.com/yukar1z0e/cloudswordtsh) - Multi-user version of the tiny shell remote-control tool for linux/freebsd/openbsd/netbsd/cygwin/sunos/irix/hpux/osf
- [Octoberfest7/EventViewerUAC_BOF](https://github.com/Octoberfest7/EventViewerUAC_BOF) - Beacon Object File implementation of Event Viewer deserialization UAC bypass
- [Rvn0xsy/SchtaskCreator](https://github.com/Rvn0xsy/SchtaskCreator) - Tool for creating scheduled tasks remotely
- [Libraggbond/EventViewerBypassUacBof](https://github.com/Libraggbond/EventViewerBypassUacBof) - EventViewer Bypass Uac Bof
- [randorisec/CVE-2022-34918-LPE-PoC](https://github.com/randorisec/CVE-2022-34918-LPE-PoC) -
- [h3xduck/TripleCross](https://github.com/h3xduck/TripleCross) - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
- [pytorch/cpuinfo](https://github.com/pytorch/cpuinfo) - CPU INFOrmation library (x86/x86-64/ARM/ARM64, Linux/Windows/Android/macOS/iOS)
- [byt3bl33d3r/BOF-Zig](https://github.com/byt3bl33d3r/BOF-Zig) - Cobalt Strike BOF with Zig!
- [crisprss/PetitPotam](https://github.com/crisprss/PetitPotam) - A new way to replace PrintBug for local privilege escalation, mainly using the interface functions of the MS-EFSR protocol. Drawing on the use of the EFSR protocol in Potitpotam, a series of local rights escalation methods have been realized
- [Cracked5pider/Ekko](https://github.com/Cracked5pider/Ekko) - Sleep Obfuscation
- [helloexp/0day](https://github.com/helloexp/0day) - EXPs and POCs for vulnerabilities in various CMSes, platforms, systems and software; this project will be updated continuously
- [tr3ee/CVE-2022-23222](https://github.com/tr3ee/CVE-2022-23222) - CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
- [synacktiv/ica2tcp](https://github.com/synacktiv/ica2tcp) - A SOCKS proxy for Citrix.
- [thefLink/DeepSleep](https://github.com/thefLink/DeepSleep) - A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
- [q77190858/CVE-2021-3156](https://github.com/q77190858/CVE-2021-3156) - Reproduction code for the sudo privilege-escalation vulnerability CVE-2021-3156
- [nsacyber/Hardware-and-Firmware-Security-Guidance](https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance) - Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as gene
- [nemo-wq/PrintNightmare-CVE-2021-34527](https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527) - PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
- [LDrakura/Remote_ShellcodeLoader](https://github.com/LDrakura/Remote_ShellcodeLoader) - Remote shellcode loading & persistence, plus small extras
- [JDArmy/RPCSCAN](https://github.com/JDArmy/RPCSCAN) - Anonymous remote host information scanning tool over RPC
- [jituo666/AndroidEventRecorder](https://github.com/jituo666/AndroidEventRecorder) - A recorder used for recording user actions on Android platforms.
- [liudf0716/xfrpc](https://github.com/liudf0716/xfrpc) - The xfrpc project is a lightweight implementation of the FRP client written in C language for OpenWRT and IoT systems. It is designed to provide an efficient solution for resource-constrained devices
- [Mr-Un1k0d3r/WindowsDllsExport](https://github.com/Mr-Un1k0d3r/WindowsDllsExport) - A list of all the DLLs export in C:\windows\system32\
- [trustedsec/CS-Remote-OPs-BOF](https://github.com/trustedsec/CS-Remote-OPs-BOF) -
- [3nock/OTE](https://github.com/3nock/OTE) - OSINT Template Engine
- [DataDog/security-labs-pocs](https://github.com/DataDog/security-labs-pocs) - Proof of concept code for Datadog Security Labs referenced exploits.
- [outflanknl/C2-Tool-Collection](https://github.com/outflanknl/C2-Tool-Collection) - A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
- [chicharitomu14/AndScanner](https://github.com/chicharitomu14/AndScanner) - This is the project for the paper “Large-scale Security Measurements on the Android Firmware Ecosystem” in ICSE2022
- [rbsec/sslscan](https://github.com/rbsec/sslscan) - sslscan tests SSL/TLS enabled services to discover supported cipher suites
- [krisnova/boopkit](https://github.com/krisnova/boopkit) - Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
- [bytedance/bhook](https://github.com/bytedance/bhook) - :fire: ByteHook is an Android PLT hook library which supports armeabi-v7a, arm64-v8a, x86 and x86_64.
- [r0ysue/AndroidFridaBeginnersBook](https://github.com/r0ysue/AndroidFridaBeginnersBook) - Companion files for the book Android Frida Reverse Engineering and Packet Capture in Practice (《安卓Frida逆向与抓包实战》)
- [easychen/pushdeer](https://github.com/easychen/pushdeer) - Open-source push service that needs no app; on iOS 14+ just scan a QR code to use it. Also supports Quick Apps, iOS and Mac clients, an Android client, and self-built devices
- [emptymonkey/revsh](https://github.com/emptymonkey/revsh) - A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
- [Bonfee/CVE-2022-0995](https://github.com/Bonfee/CVE-2022-0995) - CVE-2022-0995 exploit
- [RfidResearchGroup/proxmark3](https://github.com/RfidResearchGroup/proxmark3) - Iceman Fork - Proxmark3
- [gojue/ecapture](https://github.com/gojue/ecapture) - Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
- [ly4k/PwnKit](https://github.com/ly4k/PwnKit) - Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
- [crisprss/PrintSpoofer](https://github.com/crisprss/PrintSpoofer) - Reflective DLL implementation of PrintSpoofer, for use with Cobalt Strike
- [AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits) - A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.
- [mponcet/subversive](https://github.com/mponcet/subversive) - x86_64 linux rootkit using debug registers
- [therealdreg/lsrootkit](https://github.com/therealdreg/lsrootkit) - Rootkit Detector for UNIX
- [Arinerron/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit) - A root exploit for CVE-2022-0847 (Dirty Pipe)
- [Bonfee/CVE-2022-25636](https://github.com/Bonfee/CVE-2022-25636) - CVE-2022-25636
- [bopin2020/WindowsCamp](https://github.com/bopin2020/WindowsCamp) - Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&
- [Lojii/Knot](https://github.com/Lojii/Knot) - An HTTPS packet-capture tool for iOS based on MITM (man-in-the-middle) techniques; a complete app whose core code is implemented with SwiftNIO
- [r4j0x00/exploits](https://github.com/r4j0x00/exploits) -
- [SentryPeer/SentryPeer](https://github.com/SentryPeer/SentryPeer) - Protect your SIP Servers from bad actors at https://sentrypeer.org
- [b1n4r1b01/n-days](https://github.com/b1n4r1b01/n-days) -
- [linux-lock/bpflock](https://github.com/linux-lock/bpflock) - bpflock - eBPF driven security for locking and auditing Linux machines
- [Rvn0xsy/CVE-2021-4034](https://github.com/Rvn0xsy/CVE-2021-4034) - CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation
- [0verSp4ce/CVE-2021-4034](https://github.com/0verSp4ce/CVE-2021-4034) - CVE-2021-4034, For Webshell Version.
- [MichaelDim02/Narthex](https://github.com/MichaelDim02/Narthex) - Modular personalized dictionary generator.
- [FlamingSpork/iptable_evil](https://github.com/FlamingSpork/iptable_evil) - An evil bit backdoor for iptables
- [kyleavery/inject-assembly](https://github.com/kyleavery/inject-assembly) - Inject .NET assemblies into an existing process
- [spieglt/whatfiles](https://github.com/spieglt/whatfiles) - Log what files are accessed by any Linux process
- [berdav/CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) - CVE-2021-4034 1day
- [arthepsy/CVE-2021-4034](https://github.com/arthepsy/CVE-2021-4034) - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
- [Ayrx/CVE-2021-4034](https://github.com/Ayrx/CVE-2021-4034) - Exploit for CVE-2021-4034
- [xbyl1234/android_analysis](https://github.com/xbyl1234/android_analysis) - a few android analysis tools, jni trace by native hook, libc hook, write log with caller's addr in file or AndroidLog
- [aaaddress1/Skrull](https://github.com/aaaddress1/Skrull) - Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting te
- [thefLink/Hunt-Sleeping-Beacons](https://github.com/thefLink/Hunt-Sleeping-Beacons) - Aims to identify sleeping beacons
- [Rvn0xsy/linux_dirty](https://github.com/Rvn0xsy/linux_dirty) - Modified Dirty COW privilege-escalation code that can write arbitrary content into arbitrary files, with the interactive step removed
- [revng/pagebuster](https://github.com/revng/pagebuster) - PageBuster - dump all executable pages of packed processes.
- [screetsec/TheFatRat](https://github.com/screetsec/TheFatRat) - Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then
- [f0rb1dd3n/Reptile](https://github.com/f0rb1dd3n/Reptile) - LKM Linux rootkit
- [lcatro/qemu-fuzzer](https://github.com/lcatro/qemu-fuzzer) - Qemu Fuzzer. A fuzzing tool for QEMU-emulated devices: the host generates seed data and passes it to a relay program in the guest, which accesses MMIO to interact with the emulated device. Unlike the fuzzer that ships with qtest.
- [chriskaliX/Hades](https://github.com/chriskaliX/Hades) - Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
- [n0b0dyCN/redis-rogue-server](https://github.com/n0b0dyCN/redis-rogue-server) - Redis(<=5.0.5) RCE
- [wavestone-cdt/EDRSandblast](https://github.com/wavestone-cdt/EDRSandblast) -
- [OALabs/BlobRunner](https://github.com/OALabs/BlobRunner) - Quickly debug shellcode extracted during malware analysis
- [SweetIceLolly/Huorong_Vulnerabilities](https://github.com/SweetIceLolly/Huorong_Vulnerabilities) - Huorong Internet Security vulnerabilities
- [scareing/cmd2shellcode](https://github.com/scareing/cmd2shellcode) - cmd2shellcode
- [securifybv/Visual-Studio-BOF-template](https://github.com/securifybv/Visual-Studio-BOF-template) - A Visual Studio template used to create Cobalt Strike BOFs
- [HexHive/USBFuzz](https://github.com/HexHive/USBFuzz) - A Framework for fuzzing USB Drivers by Device Emulation
- [fortra/nanodump](https://github.com/fortra/nanodump) - The swiss army knife of LSASS dumping
- [0671/RedisModules-ExecuteCommand-for-Windows](https://github.com/0671/RedisModules-ExecuteCommand-for-Windows) - A Redis module that can execute system commands on Windows; usable in Redis master/slave replication attacks.
- [Lakr233/Decrypter](https://github.com/Lakr233/Decrypter) - An easy way to decrypt UIKit app.
- [idealeer/xmap](https://github.com/idealeer/xmap) - XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.
- [wolfpython/nids](https://github.com/wolfpython/nids) - Network-based intrusion detection system
- [dismantl/ImprovedReflectiveDLLInjection](https://github.com/dismantl/ImprovedReflectiveDLLInjection) - An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
- [aircrack-ng/mdk4](https://github.com/aircrack-ng/mdk4) - MDK4
- [boku7/injectEtwBypass](https://github.com/boku7/injectEtwBypass) - CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
- [codewhitesec/HandleKatz](https://github.com/codewhitesec/HandleKatz) - PIC lsass dumper using cloned handles
- [gentilkiwi/kekeo](https://github.com/gentilkiwi/kekeo) - A little toolbox to play with Microsoft Kerberos in C
- [EspressoCake/PPLDump_BOF](https://github.com/EspressoCake/PPLDump_BOF) - A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
- [microsoft/omi](https://github.com/microsoft/omi) - Open Management Infrastructure
- [seL4/seL4](https://github.com/seL4/seL4) - The seL4 microkernel
- [outflanknl/PrintNightmare](https://github.com/outflanknl/PrintNightmare) -
- [cube0x0/SharpSystemTriggers](https://github.com/cube0x0/SharpSystemTriggers) - Collection of remote authentication triggers in C#
- [paranoidninja/PIC-Get-Privileges](https://github.com/paranoidninja/PIC-Get-Privileges) - Building and Executing Position Independent Shellcode from Object Files in Memory
- [SolomonSklash/SleepyCrypt](https://github.com/SolomonSklash/SleepyCrypt) - A shellcode function to encrypt a running process image when sleeping.
- [limithit/NginxExecute](https://github.com/limithit/NginxExecute) - The NginxExecute module executes the shell command through GET POST and HEAD to display the result.
- [boku7/azureOutlookC2](https://github.com/boku7/azureOutlookC2) - Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Micro
- [cyberark/rdpfuzz](https://github.com/cyberark/rdpfuzz) - Tools for fuzzing RDP
- [mprovost/NFStash](https://github.com/mprovost/NFStash) - NFS client CLI toolkit
- [aaaddress1/PR0CESS](https://github.com/aaaddress1/PR0CESS) - some gadgets about windows process and ready to use :)
- [superflexible/TGPuttyLib](https://github.com/superflexible/TGPuttyLib) - An SFTP client shared library (dll/so/dylib) with bindings and classes for C++, Delphi and Free Pascal based on PuTTY
- [ttdennis/fpicker](https://github.com/ttdennis/fpicker) - fpicker is a Frida-based fuzzing suite supporting various modes (including AFL++ in-process fuzzing)
- [mgeeky/ElusiveMice](https://github.com/mgeeky/ElusiveMice) - Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
- [boku7/whereami](https://github.com/boku7/whereami) - Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL's.
- [frkngksl/Huan](https://github.com/frkngksl/Huan) - Encrypted PE Loader Generator
- [Yubico/yubico-c](https://github.com/Yubico/yubico-c) - YubiKey C low-level library (libyubikey)
- [RUB-SysSec/Nyx](https://github.com/RUB-SysSec/Nyx) - USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
- [glmcdona/Process-Dump](https://github.com/glmcdona/Process-Dump) - Windows tool for dumping malware PE files from memory back to disk for analysis.
- [alfarom256/BOF-ForeignLsass](https://github.com/alfarom256/BOF-ForeignLsass) -
- [knightswd/ProcessGhosting](https://github.com/knightswd/ProcessGhosting) -
- [NoOne-hub/Beacon.dll](https://github.com/NoOne-hub/Beacon.dll) - Beacon.dll reverse
- [boku7/BokuLoader](https://github.com/boku7/BokuLoader) - A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
- [aqi00/advanceapp](https://github.com/aqi00/advanceapp) - Source code accompanying the book Android App Development: Advanced Topics and Project Practice (《Android App开发进阶与项目实战》)
- [horsicq/PDBRipper](https://github.com/horsicq/PDBRipper) - PDBRipper is a utility for extract an information from PDB-files.
- [Gui774ume/ebpfkit](https://github.com/Gui774ume/ebpfkit) - ebpfkit is a rootkit powered by eBPF
- [jrbrtsn/ban2fail](https://github.com/jrbrtsn/ban2fail) - Simple & efficient log file scanning and iptable filtering
- [cdpxe/NELphase](https://github.com/cdpxe/NELphase) - Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)
- [ZhangZhuoSJTU/StochFuzz](https://github.com/ZhangZhuoSJTU/StochFuzz) - Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
- [connormcgarr/cThreadHijack](https://github.com/connormcgarr/cThreadHijack) - Beacon Object File (BOF) for remote process injection via thread hijacking
- [boku7/injectAmsiBypass](https://github.com/boku7/injectAmsiBypass) - Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
- [LloydLabs/process-enumeration-stealth](https://github.com/LloydLabs/process-enumeration-stealth) -
- [hasherezade/process_ghosting](https://github.com/hasherezade/process_ghosting) - Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
- [GJDuck/e9patch](https://github.com/GJDuck/e9patch) - A powerful static binary rewriting tool
- [djkaty/Il2CppInspector](https://github.com/djkaty/Il2CppInspector) - Powerful automated tool for reverse engineering Unity IL2CPP binaries
- [merbanan/rtl_433](https://github.com/merbanan/rtl_433) - Program to decode radio transmissions from devices on the ISM bands (and other frequencies)
- [killvxk/Beacon](https://github.com/killvxk/Beacon) - Lightweight, header-only C++ IPC library for Windows operating systems (Vista+) using advanced local procedure calls
- [sliverarmory/COFFLoader](https://github.com/sliverarmory/COFFLoader) -
- [joshfaust/Alaris](https://github.com/joshfaust/Alaris) - A protective and Low Level Shellcode Loader that defeats modern EDR systems.
- [OWASP/IoTGoat](https://github.com/OWASP/IoTGoat) - IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
- [ndilieto/uacme](https://github.com/ndilieto/uacme) - ACMEv2 client written in plain C with minimal dependencies
- [client9/libinjection](https://github.com/client9/libinjection) - SQL / SQLI tokenizer parser analyzer
- [alipay/ios-malicious-bithunter](https://github.com/alipay/ios-malicious-bithunter) - iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the macho file of the injected dylib dynamic library based on runtime. If you are inte
- [xuanxuan0/TiEtwAgent](https://github.com/xuanxuan0/TiEtwAgent) - PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
- [antonioCoco/RemotePotato0](https://github.com/antonioCoco/RemotePotato0) - Windows Privilege Escalation from User to Domain Admin.
- [greenbone/gvmd](https://github.com/greenbone/gvmd) - Greenbone Vulnerability Manager - The database backend for the Greenbone Community Edition
- [topotam/PetitPotam](https://github.com/topotam/PetitPotam) - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
- [CCob/BOF.NET](https://github.com/CCob/BOF.NET) - A .NET Runtime for Cobalt Strike's Beacon Object Files
- [0xricksanchez/dlink-decrypt](https://github.com/0xricksanchez/dlink-decrypt) - D-Link firmware decryption PoC
- [boku7/spawn](https://github.com/boku7/spawn) - Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG),
- [xforcered/InlineExecute-Assembly](https://github.com/xforcered/InlineExecute-Assembly) - InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional f
- [inspiringz/CVE-2021-3493](https://github.com/inspiringz/CVE-2021-3493) - CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)
- [wbenny/injdrv](https://github.com/wbenny/injdrv) - proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
- [CCob/SylantStrike](https://github.com/CCob/SylantStrike) - Simple EDR implementation to demonstrate bypass
- [jattach/jattach](https://github.com/jattach/jattach) - JVM Dynamic Attach utility
- [anthemtotheego/InlineExecute-Assembly](https://github.com/anthemtotheego/InlineExecute-Assembly) - InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional f
- [praetorian-inc/PortBender](https://github.com/praetorian-inc/PortBender) - TCP Port Redirection Utility
- [hlldz/CVE-2021-1675-LPE](https://github.com/hlldz/CVE-2021-1675-LPE) - Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
- [blackorbird/PrintNightmare](https://github.com/blackorbird/PrintNightmare) -
- [iqiyi/qnsm](https://github.com/iqiyi/qnsm) - QNSM is a network security monitoring framework based on DPDK.
- [Yaxser/Backstab](https://github.com/Yaxser/Backstab) - A tool to kill antimalware protected processes
- [CaledoniaProject/rdpscan](https://github.com/CaledoniaProject/rdpscan) - RDP password verification tool - No external libraries required ;-P
- [wonderkun/go-packer](https://github.com/wonderkun/go-packer) - Packs Go binaries for AV evasion
- [cgwalters/cve-2020-14386](https://github.com/cgwalters/cve-2020-14386) -
- [alipay/Owfuzz](https://github.com/alipay/Owfuzz) - Owfuzz: a WiFi protocol fuzzing tool
- [passthehashbrowns/hook-integrity-checks](https://github.com/passthehashbrowns/hook-integrity-checks) -
- [kevmitch/win_battery_log](https://github.com/kevmitch/win_battery_log) - command line battery stats for MS Windows
- [passthehashbrowns/hiding-your-syscalls](https://github.com/passthehashbrowns/hiding-your-syscalls) - Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
- [yarrick/iodine](https://github.com/yarrick/iodine) - Official git repo for iodine dns tunnel
- [airbus-cyber/afl_ghidra_emu](https://github.com/airbus-cyber/afl_ghidra_emu) -
- [ApsaraDB/PolarDB-for-PostgreSQL](https://github.com/ApsaraDB/PolarDB-for-PostgreSQL) - A cloud-native database based on PostgreSQL developed by Alibaba Cloud.
- [season-lab/fuzzolic](https://github.com/season-lab/fuzzolic) - fuzzing + concolic = fuzzolic :)
- [djhohnstein/macos_shell_memory](https://github.com/djhohnstein/macos_shell_memory) - Execute MachO binaries in memory using CGo
- [ASkyeye/Zipper](https://github.com/ASkyeye/Zipper) - Zipper, a CobaltStrike file and folder compression utility.
- [pbek/loganalyzer](https://github.com/pbek/loganalyzer) - LogAnalyzer is a tool that helps you to analyze your log files by reducing the content with patterns you define.
- [heiher/hev-socks5-core](https://github.com/heiher/hev-socks5-core) - A simple, lightweight socks5 library (IPv4/IPv6/TCP/UDP/Client/Server)
- [orangetw/tsh](https://github.com/orangetw/tsh) - Tiny SHell is an open-source UNIX backdoor.
- [waldo-irc/CVE-2021-21551](https://github.com/waldo-irc/CVE-2021-21551) - Exploit to SYSTEM for CVE-2021-21551
- [Iansus/SilentLsassDump](https://github.com/Iansus/SilentLsassDump) - VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump
- [abcz316/rwProcMem33](https://github.com/abcz316/rwProcMem33) - Linux ARM64 kernel drivers for hardware-level process memory read/write and hardware breakpoint debugging. Reads and writes Linux process memory and sets breakpoints at the hardware level.
- [falcosecurity/pdig](https://github.com/falcosecurity/pdig) - ptrace-based event producer for udig
- [svengong/xcubebase_riru](https://github.com/svengong/xcubebase_riru) - A Frida persistence solution based on Magisk and Riru
- [Al1ex/WindowsElevation](https://github.com/Al1ex/WindowsElevation) - Windows Elevation (continuously updated)
- [Al1ex/LinuxEelvation](https://github.com/Al1ex/LinuxEelvation) - Linux Elevation (continuously updated)
- [boazsegev/iodine](https://github.com/boazsegev/iodine) - iodine - HTTP / WebSockets Server for Ruby with Pub/Sub support
- [xforcered/CredBandit](https://github.com/xforcered/CredBandit) - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
- [dgoulet/kjackal](https://github.com/dgoulet/kjackal) - Linux Rootkit Scanner
- [rsmudge/ZeroLogon-BOF](https://github.com/rsmudge/ZeroLogon-BOF) -
- [git-for-windows/git-sdk-64](https://github.com/git-for-windows/git-sdk-64) - A Git repository mirroring the current 64-bit Git for Windows SDK
- [csandker/inMemoryShellcode](https://github.com/csandker/inMemoryShellcode) - A Collection of In-Memory Shellcode Execution Techniques for Windows
- [pattern-f/TQ-pre-jailbreak](https://github.com/pattern-f/TQ-pre-jailbreak) - Hello from pattern-f.
- [darvincisec/AntiDebugandMemoryDump](https://github.com/darvincisec/AntiDebugandMemoryDump) - Anti-Debug and Anti-Memory Dump for Android
- [purerosefallen/ygopro](https://github.com/purerosefallen/ygopro) - KoishiPro
- [decoder-it/juicy_2](https://github.com/decoder-it/juicy_2) - juicypotato for win10 > 1803 & win server 2019
- [9bie/exe2shellcode](https://github.com/9bie/exe2shellcode) - Remote Download and Memory Execute for shellcode framework
- [trustedsec/COFFLoader](https://github.com/trustedsec/COFFLoader) -
- [akopytov/sysbench](https://github.com/akopytov/sysbench) - Scriptable database and system performance benchmark
- [mtrojnar/osslsigncode](https://github.com/mtrojnar/osslsigncode) - OpenSSL based Authenticode signing for PE/MSI/Java CAB files
- [jmk-foofus/medusa](https://github.com/jmk-foofus/medusa) - Medusa is a speedy, parallel, and modular login brute-forcer.
- [rewardone/OSCPRepo](https://github.com/rewardone/OSCPRepo) - A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and readi
- [aaaddress1/sakeInject](https://github.com/aaaddress1/sakeInject) - Windows PE - TLS (Thread Local Storage) Injector in C/C++
- [Rvn0xsy/CVE-2021-3156-plus](https://github.com/Rvn0xsy/CVE-2021-3156-plus) - CVE-2021-3156 non-interactive command execution
- [blasty/CVE-2021-3156](https://github.com/blasty/CVE-2021-3156) -
- [Mr-Un1k0d3r/RedTeamCCode](https://github.com/Mr-Un1k0d3r/RedTeamCCode) - Red Team C code repo
- [lockedbyte/CVE-Exploits](https://github.com/lockedbyte/CVE-Exploits) - PoC exploits for software vulnerabilities
- [mai1zhi2/ShellCodeFramework](https://github.com/mai1zhi2/ShellCodeFramework) - Ring 3 shellcode AV-evasion framework
- [ea/bosch_headunit_root](https://github.com/ea/bosch_headunit_root) - Documentation and code for rooting and extending a Bosch car head unit (lcn2kai)
- [LloydLabs/Windows-API-Hashing](https://github.com/LloydLabs/Windows-API-Hashing) - This is a simple example and explanation of obfuscating API resolution via hashing
- [LloydLabs/delete-self-poc](https://github.com/LloydLabs/delete-self-poc) - A way to delete a locked file, or current running executable, on disk.
- [zznop/drow](https://github.com/zznop/drow) - Injects code into ELF executables post-build
- [neil-wu/CatFrida](https://github.com/neil-wu/CatFrida) - CatFrida is a macOS tool for inspecting a running iOS app.
- [ybdt/evasion-hub](https://github.com/ybdt/evasion-hub) - AV evasion techniques
- [jsherman212/xnuspy](https://github.com/jsherman212/xnuspy) - an iOS kernel function hooking framework for checkra1n'able devices
- [rsmudge/unhook-bof](https://github.com/rsmudge/unhook-bof) - Remove API hooks from a Beacon process.
- [dacade/tools](https://github.com/dacade/tools) - some tools
- [lengjibo/FourEye](https://github.com/lengjibo/FourEye) - AV Evasion Tool For Red Team Ops
- [AFLplusplus/AFLplusplus](https://github.com/AFLplusplus/AFLplusplus) - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
- [ethereal-vx/Persistence](https://github.com/ethereal-vx/Persistence) - Recreating and reviewing the Windows persistence methods
- [anantshri/Android_Security](https://github.com/anantshri/Android_Security) - This repository is supplementary material for Android trainings done by Anant Shrivastava from 2012-2017
- [gtworek/PSBits](https://github.com/gtworek/PSBits) - Simple (relatively) things allowing you to dig a bit deeper than usual.
- [ajpc500/BOFs](https://github.com/ajpc500/BOFs) - Collection of Beacon Object Files
- [tomcarver16/BOF-DLL-Inject](https://github.com/tomcarver16/BOF-DLL-Inject) - Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
- [gnxbr/Fully-Undetectable-Techniques](https://github.com/gnxbr/Fully-Undetectable-Techniques) -
- [chroblert/JC-AntiPtrace](https://github.com/chroblert/JC-AntiPtrace) - Bypassing ptrace anti-debugging on Android
- [NixOS/patchelf](https://github.com/NixOS/patchelf) - A small utility to modify the dynamic linker and RPATH of ELF executables
- [TannerJin/AntiMSHookFunction](https://github.com/TannerJin/AntiMSHookFunction) - AntiMSHookFunction (makes MSHookFunction stop working)
- [ntop/n2n](https://github.com/ntop/n2n) - Peer-to-peer VPN
- [gaffe23/linux-inject](https://github.com/gaffe23/linux-inject) - Tool for injecting a shared object into a Linux process
- [code-scan/ssh-inject-auto-find-libdl](https://github.com/code-scan/ssh-inject-auto-find-libdl) -
- [geokb/yabar](https://github.com/geokb/yabar) - A modern and lightweight status bar for X window managers.
- [cbwang505/CVE-2019-0708-EXP-Windows](https://github.com/cbwang505/CVE-2019-0708-EXP-Windows) - Windows single-file exe version of CVE-2019-0708-EXP; when run, it returns a SYSTEM-privilege shell directly in the current console
- [strongcourage/uafuzz](https://github.com/strongcourage/uafuzz) - UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
- [LloydLabs/wsb-detect](https://github.com/LloydLabs/wsb-detect) - wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")
- [g0dA/linuxStack](https://github.com/g0dA/linuxStack) - Linux technology stack
- [0voice/algorithm-structure](https://github.com/0voice/algorithm-structure) - Latest 2021 summary of 500 commonly used data structures and algorithms, Introduction to Algorithms, common interview topics, compiled by senior engineers at major companies
- [GeoSn0w/Blizzard-Jailbreak](https://github.com/GeoSn0w/Blizzard-Jailbreak) - An Open-Source iOS 11.0 -> 11.4.1 (soon iOS 13) Jailbreak, made for teaching purposes.
- [bytecode77/r77-rootkit](https://github.com/bytecode77/r77-rootkit) - Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
- [ventoy/Ventoy](https://github.com/ventoy/Ventoy) - A new bootable USB solution.
- [SkewwG/domainTools](https://github.com/SkewwG/domainTools) - Small tools for internal-network domain penetration testing
- [StarCross-Tech/heap_exploit_2.31](https://github.com/StarCross-Tech/heap_exploit_2.31) -
- [XiphosResearch/netelf](https://github.com/XiphosResearch/netelf) - Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
- [andreafioraldi/weizz-fuzzer](https://github.com/andreafioraldi/weizz-fuzzer) -
- [hackerschoice/gsocket](https://github.com/hackerschoice/gsocket) - Connect like there is no firewall. Securely.
- [phra/PEzor](https://github.com/phra/PEzor) - Open-Source Shellcode & PE Packer
- [TimelifeCzy/Shell_Protect](https://github.com/TimelifeCzy/Shell_Protect) - One-click VM packing/unpacking, full compression, anti-debugging, etc.
- [ish-app/ish](https://github.com/ish-app/ish) - Linux shell for iOS
- [inspektor-gadget/inspektor-gadget](https://github.com/inspektor-gadget/inspektor-gadget) - Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF
- [gloxec/CrossC2](https://github.com/gloxec/CrossC2) - generate CobaltStrike's cross-platform payload
- [timwhitez/Cobalt-Strike-Aggressor-Scripts](https://github.com/timwhitez/Cobalt-Strike-Aggressor-Scripts) - Cobalt Strike Aggressor plugin pack
- [brendan-rius/c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker) - JWT brute force cracker written in C
- [bg6cq/whoisscanme](https://github.com/bg6cq/whoisscanme) -
- [aircrack-ng/rtl8188eus](https://github.com/aircrack-ng/rtl8188eus) - RealTek RTL8188eus WiFi driver with monitor mode & frame injection support
- [dtcooper/fakehostname](https://github.com/dtcooper/fakehostname) - Run a command and fake your hostname.
- [yifengyou/learn-kvm](https://github.com/yifengyou/learn-kvm) - QEMU KVM (Kernel Virtual Machine) study notes
- [blendin/3snake](https://github.com/blendin/3snake) - Tool for extracting information from newly spawned processes
- [0vercl0k/sic](https://github.com/0vercl0k/sic) - Enumerate user mode shared memory mappings on Windows.
- [CylanceVulnResearch/ReflectiveDLLRefresher](https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher) - Universal Unhooking
- [DoctorWkt/acwj](https://github.com/DoctorWkt/acwj) - A Compiler Writing Journey
- [limbenjamin/LogServiceCrash](https://github.com/limbenjamin/LogServiceCrash) - POC code to crash Windows Event Logger Service
- [nil0x42/duplicut](https://github.com/nil0x42/duplicut) - Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
- [blunderbuss-wctf/wacker](https://github.com/blunderbuss-wctf/wacker) - A WPA3 dictionary cracker
- [uf0o/CVE-2020-17382](https://github.com/uf0o/CVE-2020-17382) - PoC exploits for CVE-2020-17382
- [libinjection/libinjection](https://github.com/libinjection/libinjection) - SQL / SQLI tokenizer parser analyzer
- [blackarrowsec/redteam-research](https://github.com/blackarrowsec/redteam-research) - Collection of PoC and offensive techniques used by the BlackArrow Red Team
- [chompie1337/s8_2019_2215_poc](https://github.com/chompie1337/s8_2019_2215_poc) - PoC 2019-2215 exploit for S8/S8 active with DAC + SELinux + Knox/RKP bypass
- [DerekSelander/yacd](https://github.com/DerekSelander/yacd) - Decrypts FairPlay applications on iOS 13.4.1 and lower, no jb required
- [jvinet/knock](https://github.com/jvinet/knock) - A port-knocking daemon
- [ThunderGunExpress/UAC-TokenDuplication](https://github.com/ThunderGunExpress/UAC-TokenDuplication) -
- [Ascotbe/Kernelhub](https://github.com/Ascotbe/Kernelhub) - :palm_tree:Linux, macOS, Windows kernel privilege escalation vulnerability collection, with compilation environment, demo GIF, vulnerability details, executable file (privilege escalation vulnerability collection)
- [fancycode/MemoryModule](https://github.com/fancycode/MemoryModule) - Library to load a DLL from memory.
- [reactos/reactos](https://github.com/reactos/reactos) - A free Windows-compatible Operating System
- [MobileForensicsResearch/mem](https://github.com/MobileForensicsResearch/mem) - Tool used for dumping memory from Android devices
- [ARM-software/CSAL](https://github.com/ARM-software/CSAL) - Coresight Access Library
- [webview/webview_csharp](https://github.com/webview/webview_csharp) - C# bindings for webview/webview - Batteries included
- [gabrielrcouto/awesome-php-ffi](https://github.com/gabrielrcouto/awesome-php-ffi) - PHP FFI examples and use cases
- [bhassani/EternalBlueC](https://github.com/bhassani/EternalBlueC) - EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader
- [mdsecactivebreach/firewalker](https://github.com/mdsecactivebreach/firewalker) -
- [hzqst/VmwareHardenedLoader](https://github.com/hzqst/VmwareHardenedLoader) - Vmware Hardened VM detection mitigation loader (anti anti-vm)
- [aligrudi/neatcc](https://github.com/aligrudi/neatcc) - A small arm/x86(-64) C compiler
- [bkerler/opencl_brute](https://github.com/bkerler/opencl_brute) - MD5,SHA1,SHA256,SHA512,HMAC,PBKDF2,SCrypt Bruteforcing tools using OpenCL (GPU, yay!) and Python
- [marsyy/littl_tools](https://github.com/marsyy/littl_tools) -
- [n0b0dyCN/RedisModules-ExecuteCommand](https://github.com/n0b0dyCN/RedisModules-ExecuteCommand) - Tools, utilities and scripts to help you write redis modules!
- [vulhub/redis-rogue-getshell](https://github.com/vulhub/redis-rogue-getshell) - redis 4.x/5.x master/slave getshell module
- [TheWover/donut](https://github.com/TheWover/donut) - Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
- [google/sanitizers](https://github.com/google/sanitizers) - AddressSanitizer, ThreadSanitizer, MemorySanitizer
- [AntSwordProject/ant_php_extension](https://github.com/AntSwordProject/ant_php_extension) - PHP extension for bypassing disabled_functions under PHP-FPM, FastCGI, LD_PRELOAD and other modes
- [m57/cobaltstrike_bofs](https://github.com/m57/cobaltstrike_bofs) - My CobaltStrike BOFS
- [anthemtotheego/C_Shot](https://github.com/anthemtotheego/C_Shot) -
- [sailay1996/UAC_Bypass_In_The_Wild](https://github.com/sailay1996/UAC_Bypass_In_The_Wild) - Windows 10 UAC bypass for all executable files which have autoelevate set to true.
- [a0rtega/pafish](https://github.com/a0rtega/pafish) - Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
- [github/securitylab](https://github.com/github/securitylab) - Resources related to GitHub Security Lab
- [qq4108863/hihttps](https://github.com/qq4108863/hihttps) - hihttps is a high-performance web application firewall with complete source code. It supports all the functions of a traditional WAF through ModSecurity regex rules (SQL injection, XSS, malicious vulnerability scanning, password brute forcing, CC, DDoS, etc.) and also supports unsupervised machine learning to autonomously counter unknown attacks.
- [rvrsh3ll/BOF_Collection](https://github.com/rvrsh3ll/BOF_Collection) - Various Cobalt Strike BOFs
- [sailay1996/RpcSsImpersonator](https://github.com/sailay1996/RpcSsImpersonator) - Privilege Escalation Via RpcSs svc
- [libyal/liblnk](https://github.com/libyal/liblnk) - Library and tools to access the Windows Shortcut File (LNK) format
- [NtRaiseHardError/NINA](https://github.com/NtRaiseHardError/NINA) - NINA: No Injection, No Allocation x64 Process Injection Technique
- [DanieleDeSensi/peafowl](https://github.com/DanieleDeSensi/peafowl) - High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network traffic.
- [elfmaster/libelfmaster](https://github.com/elfmaster/libelfmaster) - Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
- [elfmaster/ftrace](https://github.com/elfmaster/ftrace) - POSIX Function tracing
- [elfmaster/dsym_obfuscate](https://github.com/elfmaster/dsym_obfuscate) - Obfuscates dynamic symbol table
- [ntop/nDPI](https://github.com/ntop/nDPI) - Open Source Deep Packet Inspection Software Toolkit
- [redplait/armpatched](https://github.com/redplait/armpatched) - clone of armadillo patched for windows
- [dalvarezperez/CreateFile_based_rootkit](https://github.com/dalvarezperez/CreateFile_based_rootkit) -
- [mhaskar/Shellcode-In-Memory-Decoder](https://github.com/mhaskar/Shellcode-In-Memory-Decoder) - A simple C implementation that decodes your shellcode and writes it directly to memory
- [meme/hotwax](https://github.com/meme/hotwax) - Coverage-guided binary fuzzing powered by Frida Stalker
- [avs333/Nougat_dlfunctions](https://github.com/avs333/Nougat_dlfunctions) -
- [hack0z/byopen](https://github.com/hack0z/byopen) - 🎉A dlopen library that bypasses mobile system limitation
- [titansec/OpenWAF](https://github.com/titansec/OpenWAF) - Web security protection system based on openresty
- [ionescu007/faxhell](https://github.com/ionescu007/faxhell) - A Bind Shell Using the Fax Service and a DLL Hijack
- [ph4ntonn/Impost3r](https://github.com/ph4ntonn/Impost3r) - 👻Impost3r -- A linux password thief
- [havocykp/Gh0st](https://github.com/havocykp/Gh0st) - Remote access trojan source code
- [yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD](https://github.com/yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD) - bypass disable_functions via LD_PRELOAD (no need for /usr/sbin/sendmail)
- [gentilkiwi/mimikatz](https://github.com/gentilkiwi/mimikatz) - A little tool to play with Windows security
- [itm4n/PrintSpoofer](https://github.com/itm4n/PrintSpoofer) - Abusing impersonation privileges through the "Printer Bug"
- [sandboxie/sandboxie](https://github.com/sandboxie/sandboxie) - The Sandboxie application
- [can1357/NtLua](https://github.com/can1357/NtLua) - Lua in kernel-mode because why not.
- [1d8/MailJack](https://github.com/1d8/MailJack) -
- [thebabush/bline](https://github.com/thebabush/bline) - Naver LINE VoIP reversing stuff
- [kingToolbox/WindTerm](https://github.com/kingToolbox/WindTerm) - A professional cross-platform SSH/Sftp/Shell/Telnet/Tmux/Serial terminal.
- [nccgroup/nccfsas](https://github.com/nccgroup/nccfsas) - Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
- [a1exdandy/checkm8-a5](https://github.com/a1exdandy/checkm8-a5) - checkm8 port for S5L8940X/S5L8942X/S5L8945X
- [taviso/ctftool](https://github.com/taviso/ctftool) - Interactive CTF Exploration Tool
- [YutaroHayakawa/ipftrace2](https://github.com/YutaroHayakawa/ipftrace2) - A packet oriented Linux kernel function call tracer
- [hasherezade/hollows_hunter](https://github.com/hasherezade/hollows_hunter) - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- [rxwx/spoolsystem](https://github.com/rxwx/spoolsystem) - Print Spooler Named Pipe Impersonation for Cobalt Strike
- [Katrovisch/KatroLogger](https://github.com/Katrovisch/KatroLogger) - KeyLogger for Linux Systems
- [bats3c/shad0w](https://github.com/bats3c/shad0w) - A post exploitation framework designed to operate covertly on heavily monitored environments
- [HyperDbg/HyperDbg](https://github.com/HyperDbg/HyperDbg) - State-of-the-art native debugging tools
- [AltraMayor/gatekeeper](https://github.com/AltraMayor/gatekeeper) - The first open-source DDoS protection system
- [V-E-O/PoC](https://github.com/V-E-O/PoC) - PoC of CVE/Exploit
- [vanhauser-thc/thc-hydra](https://github.com/vanhauser-thc/thc-hydra) - hydra
- [luke-goddard/enumy](https://github.com/luke-goddard/enumy) - Linux post exploitation privilege escalation enumeration
- [oleavr/ios-inject-custom](https://github.com/oleavr/ios-inject-custom) - Example showing how to use Frida for standalone injection of a custom payload
- [Echocipher/AUTO-EARN](https://github.com/Echocipher/AUTO-EARN) - A vulnerability-hunting helper that automates scanning with instant notifications, using OneForAll for subdomain collection, the Shodan API for port scanning, Xray for vulnerability fuzzing, and Server酱 (ServerChan) for alerts
- [zhuotong/Android_InlineHook](https://github.com/zhuotong/Android_InlineHook) - Android inline hook framework
- [juuso/keychaindump](https://github.com/juuso/keychaindump) - A proof-of-concept tool for reading OS X keychain passwords
- [prbinu/tls-scan](https://github.com/prbinu/tls-scan) - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
- [a2o/snoopy](https://github.com/a2o/snoopy) - Snoopy Command Logger is a small library that logs all program executions on your Linux/BSD system.
- [gentilkiwi/kirandomtpm](https://github.com/gentilkiwi/kirandomtpm) - Get random bytes from the TPM (tool + BCrypt RNG provider)
- [wonderkun/CTFENV](https://github.com/wonderkun/CTFENV) - Various environments set up for CTF competitions
- [antonioCoco/RoguePotato](https://github.com/antonioCoco/RoguePotato) - Another Windows Local Privilege Escalation from Service Account to System
- [yusufqk/SystemToken](https://github.com/yusufqk/SystemToken) - Steal privileged token to obtain SYSTEM shell
- [uknowsec/getSystem](https://github.com/uknowsec/getSystem) - Privilege escalation and command execution from a webshell. Reference: https://github.com/yusufqk/SystemToken
- [NLnetLabs/ldns](https://github.com/NLnetLabs/ldns) - LDNS is a DNS library that facilitates DNS tool programming
- [noptrix/lulzbuster](https://github.com/noptrix/lulzbuster) - A very fast and smart web directory and file enumeration tool written in C.
- [danigargu/CVE-2020-0796](https://github.com/danigargu/CVE-2020-0796) - CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
- [twelvesec/passcat](https://github.com/twelvesec/passcat) - Passwords Recovery Tool
- [chroblert/domainWeakPasswdCheck](https://github.com/chroblert/domainWeakPasswdCheck) - Internal network security: domain account weak password audit
- [chroblert/AssetManage](https://github.com/chroblert/AssetManage) -
- [paranoidninja/Shuriken](https://github.com/paranoidninja/Shuriken) - Offensive Android Kernel on Steroids - Shuriken is an Android kernel for Oneplus 5/5T which supports multiple features for pentesting.
- [newsoft/adduser](https://github.com/newsoft/adduser) - Programmatically create an administrative user under Windows
- [david378/ssocks](https://github.com/david378/ssocks) - build static ssocks by cmake,cross build ssocks
- [V-E-O/rdp2tcp](https://github.com/V-E-O/rdp2tcp) - rdp2tcp: open tcp tunnel through remote desktop connection.
- [redcanaryco/atomic-red-team](https://github.com/redcanaryco/atomic-red-team) - Small and highly portable detection tests based on MITRE's ATT&CK.
- [brainsmoke/ptrace-burrito](https://github.com/brainsmoke/ptrace-burrito) - a friendly wrapper around ptrace
- [Mr-Un1k0d3r/SCShell](https://github.com/Mr-Un1k0d3r/SCShell) - Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
- [RITRedteam/Headshot](https://github.com/RITRedteam/Headshot) - NGINX module to allow for RCE through a specific header
- [Genymobile/scrcpy](https://github.com/Genymobile/scrcpy) - Display and control your Android device
- [bootleg/ret-sync](https://github.com/bootleg/ret-sync) - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
- [pymumu/smartdns](https://github.com/pymumu/smartdns) - A local DNS server to obtain the fastest website IP for the best Internet experience, supports DoT, DoH, DoQ.
- [outflanknl/Dumpert](https://github.com/outflanknl/Dumpert) - LSASS memory dumper using direct system calls and API unhooking.
- [jonathanmetzman/wasm-fuzzing-demo](https://github.com/jonathanmetzman/wasm-fuzzing-demo) - Demos of and walkthroughs on in-browser fuzzing using WebAssembly
- [turing-technician/FastHook](https://github.com/turing-technician/FastHook) - Android ART Hook
- [0x25bit/darkRat_HVNC](https://github.com/0x25bit/darkRat_HVNC) - DarkRats Standalone HVNC
- [SwiftLaTeX/SwiftLaTeX](https://github.com/SwiftLaTeX/SwiftLaTeX) - SwiftLaTeX, a WYSIWYG Browser-based LaTeX Editor
- [mohuihui/antispy](https://github.com/mohuihui/antispy) - AntiSpy is a free but powerful anti-virus and rootkit toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With its
- [OWASP/igoat](https://github.com/OWASP/igoat) - OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar
- [OWASP/iGoat-Swift](https://github.com/OWASP/iGoat-Swift) - OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
- [hmgle/graftcp](https://github.com/hmgle/graftcp) - A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
- [blechschmidt/massdns](https://github.com/blechschmidt/massdns) - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- [abelcheung/rifiuti2](https://github.com/abelcheung/rifiuti2) - Windows Recycle Bin analyser
- [vmonaco/kloak](https://github.com/vmonaco/kloak) - Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
- [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan) - A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) - Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
- [gurnec/HashCheck](https://github.com/gurnec/HashCheck) - HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org
- [skeeto/endlessh](https://github.com/skeeto/endlessh) - SSH tarpit that slowly sends an endless banner
- [Chion82/netfilter-full-cone-nat](https://github.com/Chion82/netfilter-full-cone-nat) - A kernel module to turn MASQUERADE into full cone SNAT
- [hacksysteam/HackSysExtremeVulnerableDriver](https://github.com/hacksysteam/HackSysExtremeVulnerableDriver) - HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
- [y11en/BlockRDPBrute](https://github.com/y11en/BlockRDPBrute) - [HIPS] RDP (3389) brute-force protection
- [klsfct/getshell](https://github.com/klsfct/getshell) - Privilege escalation tools for major platforms
- [Halbmond/Introduction-to-Computer-Systems](https://github.com/Halbmond/Introduction-to-Computer-Systems) - Course : Introduction to Computer Systems
- [swaywm/sway](https://github.com/swaywm/sway) - i3-compatible Wayland compositor
- [ambrop72/badvpn](https://github.com/ambrop72/badvpn) - NCD scripting language, tun2socks proxifier, P2P VPN
- [firebroo/UnixTools](https://github.com/firebroo/UnixTools) - A set of small Unix tools for processing data, with pipe support.
- [meyerd/n2n](https://github.com/meyerd/n2n) - A development branch of the n2n p2p vpn software
- [ValdikSS/p0f-mtu](https://github.com/ValdikSS/p0f-mtu) - p0f with patches to save MTU value and export it via API (for VPN detection)
- [rosehgal/BinExp](https://github.com/rosehgal/BinExp) - Linux Binary Exploitation
- [sfan5/fi6s](https://github.com/sfan5/fi6s) - IPv6 network scanner designed to be fast
- [silight-jp/MacType-Patch](https://github.com/silight-jp/MacType-Patch) - MacType Patch for DirectWrite Hook
- [andreiw/RaspberryPiPkg](https://github.com/andreiw/RaspberryPiPkg) - DEPRECATED - DO NOT USE | Go here instead ->
- [aarond10/https_dns_proxy](https://github.com/aarond10/https_dns_proxy) - A lightweight DNS-over-HTTPS proxy.
- [telekom-security/tpotce](https://github.com/telekom-security/tpotce) - 🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
- [lihaoyun6/axeldown-core](https://github.com/lihaoyun6/axeldown-core) - An optimized project based on axel-webm; invokes axel through a web UI to perform downloads
- [suvllian/process-inject](https://github.com/suvllian/process-inject) - Process injection methods on Windows: remote thread injection, create-process-suspended injection, reflective injection, APCInject, SetWindowHookEX injection
- [sumatrapdfreader/sumatrapdf](https://github.com/sumatrapdfreader/sumatrapdf) - SumatraPDF reader
- [zogvm/zogvm](https://github.com/zogvm/zogvm) - zogna video manager
- [henkman/virgo](https://github.com/henkman/virgo) - :virgo::computer::computer::computer::computer: Virtual desktops for Windows
- [netdata/netdata](https://github.com/netdata/netdata) - X-Ray Vision for your infrastructure!
- [RPISEC/MBE](https://github.com/RPISEC/MBE) - Course materials for Modern Binary Exploitation by RPISEC
- [saaramar/execve_exploit](https://github.com/saaramar/execve_exploit) - Hardcore corruption of my execve() vulnerability in WSL
- [Nat-Lab/eoip](https://github.com/Nat-Lab/eoip) - EoIP/EoIPv6 for *nix.
- [tcp-nanqinlang/general](https://github.com/tcp-nanqinlang/general) - general mode via module loading
- [3proxy/3proxy](https://github.com/3proxy/3proxy) - 3proxy - tiny free proxy server
- [coolstar/electra](https://github.com/coolstar/electra) - Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake
- [dyne/dnscrypt-proxy](https://github.com/dyne/dnscrypt-proxy) - DNSCrypt-Proxy repository, frankly maintained for what it does (no new features planned)
- [agile6v/awesome-nginx](https://github.com/agile6v/awesome-nginx) - A curated list of awesome Nginx distributions, 3rd party modules, Active developers, etc. :octocat:
- [Chuyu-Team/MINT](https://github.com/Chuyu-Team/MINT) - Contains the definitions for the Windows Internal UserMode API from ntdll.dll, samlib.dll and winsta.dll.
- [guanchao/AppProtect](https://github.com/guanchao/AppProtect) - A collection of common app hardening methods, including Java-layer, native-layer and resource-file hardening
- [firmianay/CTF-All-In-One](https://github.com/firmianay/CTF-All-In-One) - The authoritative guide to CTF competitions
- [Wind4/vlmcsd](https://github.com/Wind4/vlmcsd) - KMS Emulator in C (currently runs on Linux including Android, FreeBSD, Solaris, Minix, Mac OS, iOS, Windows with or without Cygwin)
- [mpv-player/mpv](https://github.com/mpv-player/mpv) - 🎥 Command line media player
- [gsliepen/tinc](https://github.com/gsliepen/tinc) - a VPN daemon
- [hardenedlinux/linux-exploit-development-tutorial](https://github.com/hardenedlinux/linux-exploit-development-tutorial) - a series tutorial for linux exploit development to newbie.
- [NoahhhRyan/krackattacks-test](https://github.com/NoahhhRyan/krackattacks-test) -
- [hfiref0x/UACME](https://github.com/hfiref0x/UACME) - Defeating Windows User Account Control
- [tinyproxy/tinyproxy](https://github.com/tinyproxy/tinyproxy) - tinyproxy - a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
- [mitchellkrogza/apache-ultimate-bad-bot-blocker](https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker) - Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
- [vanhoefm/krackattacks-scripts](https://github.com/vanhoefm/krackattacks-scripts) -
- [droberson/icmp-backdoor](https://github.com/droberson/icmp-backdoor) - Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
- [giltu/KernelPCC](https://github.com/giltu/KernelPCC) - PCC is a new approach for TCP congestion control base on real-time performance analysis. This is a kernel implementation of it.
- [madeye/tcp_china](https://github.com/madeye/tcp_china) - TCP China congestion control algorithm
- [gatieme/AderXCoding](https://github.com/gatieme/AderXCoding) - An introduction to learning various languages, libraries, systems programming and algorithms
- [session-replay-tools/tcpcopy](https://github.com/session-replay-tools/tcpcopy) - An online request replication and TCP stream replay tool, ideal for real testing, performance testing, stability testing, stress testing, load testing, smoke testing, and more.
- [sudeshnapal12/Web-Application-Firewall](https://github.com/sudeshnapal12/Web-Application-Firewall) - Designed and Implemented a Web Application Firewall as an Apache module that "sits" in-front of a web server. The WAF is designed to stop malicious requests from known attacks such as SQL Injection, X
- [50m30n3/dsptunnel](https://github.com/50m30n3/dsptunnel) - IP over audio tunnel
- [Ridter/Pentest](https://github.com/Ridter/Pentest) - tools
- [dosgo/ngrok-c](https://github.com/dosgo/ngrok-c) - ngrok client in C. Because ngrok is developed in Go, porting it to embedded devices such as openwrt is somewhat inconvenient, so a client was rewritten in C. Very mini, the need to
- [dlundquist/sniproxy](https://github.com/dlundquist/sniproxy) - Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
- [haiwen/seafile](https://github.com/haiwen/seafile) - High performance file syncing and sharing, with also Markdown WYSIWYG editing, Wiki, file label and other knowledge management features.
- [WireGuard/wireguard-monolithic-historical](https://github.com/WireGuard/wireguard-monolithic-historical) - Historical monolithic WireGuard repository, split into wireguard-tools, wireguard-linux, and wireguard-linux-compat.
- [git-hulk/tcpkit](https://github.com/git-hulk/tcpkit) - the tcpkit was designed to make network packets programable with Lua script
- [snooda/net-speeder](https://github.com/snooda/net-speeder) - net-speeder optimizes single-thread download speed over high-latency, unstable links
- [rip1s/vmware_escape](https://github.com/rip1s/vmware_escape) - VMware Escape Exploit before VMware WorkStation 12.5.5
- [axel-download-accelerator/axel](https://github.com/axel-download-accelerator/axel) - Lightweight CLI download accelerator
- [skywind3000/kcp](https://github.com/skywind3000/kcp) - :zap: KCP - A Fast and Reliable ARQ Protocol
- [osqzss/gps-sdr-sim](https://github.com/osqzss/gps-sdr-sim) - Software-Defined GPS Signal Simulator
- [magkopian/keepassxc-debian](https://github.com/magkopian/keepassxc-debian) - Debian source package for the KeePassXC password manager.
- [ScottyBauer/Android_Kernel_CVE_POCs](https://github.com/ScottyBauer/Android_Kernel_CVE_POCs) - A list of my CVE's with POCs
- [axi0mX/ios-kexec-utils](https://github.com/axi0mX/ios-kexec-utils) - boot LLB/iBoot/iBSS/iBEC image from a jailbroken iOS kernel
- [santoru/filewatcher](https://github.com/santoru/filewatcher) - A simple auditing utility for macOS
- [Cn33liz/HSEVD-ArbitraryOverwrite](https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite) - HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit
- [c0d3z3r0/sudo-CVE-2017-1000367](https://github.com/c0d3z3r0/sudo-CVE-2017-1000367) -
- [Chion82/kcptun-raw](https://github.com/Chion82/kcptun-raw) - Kcptun with raw socket and fake TCP headers.
- [klsecservices/Invoke-Vnc](https://github.com/klsecservices/Invoke-Vnc) - Powershell VNC injector
- [DhavalKapil/icmptunnel](https://github.com/DhavalKapil/icmptunnel) - Transparently tunnel your IP traffic through ICMP echo and reply packets.
- [shudo/shujit](https://github.com/shudo/shujit) - Java Just-in-Time Compiler for x86 processors
- [opsxcq/exploit-CVE-2017-7494](https://github.com/opsxcq/exploit-CVE-2017-7494) - SambaCry exploit and vulnerable container (CVE-2017-7494)
- [raminfp/linux-4.8.0-netfilter_icmp](https://github.com/raminfp/linux-4.8.0-netfilter_icmp) - Anatomy of a linux kernel development
- [DhavalKapil/heap-exploitation](https://github.com/DhavalKapil/heap-exploitation) - This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
- [ANSSI-FR/AD-control-paths](https://github.com/ANSSI-FR/AD-control-paths) - Active Directory Control Paths auditing and graphing tools
- [ValdikSS/GoodbyeDPI](https://github.com/ValdikSS/GoodbyeDPI) - GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)
- [ufrisk/pcileech](https://github.com/ufrisk/pcileech) - Direct Memory Access (DMA) Attack Software
- [Cybellum/DoubleAgent](https://github.com/Cybellum/DoubleAgent) - Zero-Day Code Injection and Persistence Technique
- [gentilkiwi/wanakiwi](https://github.com/gentilkiwi/wanakiwi) - Automated wanadecrypt with key recovery if lucky
- [jtesta/ssh-mitm](https://github.com/jtesta/ssh-mitm) - SSH man-in-the-middle tool
- [SecWiki/linux-kernel-exploits](https://github.com/SecWiki/linux-kernel-exploits) - linux-kernel-exploits: a collection of Linux privilege escalation vulnerabilities
- [adafruit/Adafruit-GPIO-Halt](https://github.com/adafruit/Adafruit-GPIO-Halt) - Press-to-halt program for headless Raspberry Pi. Similar functionality to the rpi_power_switch kernel module from the fbtft project, but easier to compile (no kernel headers needed).
- [greensea/mptunnel](https://github.com/greensea/mptunnel) - MPUDP Tunnel (User space MultiPath UDP)
- [Keysight/Rhme-2016](https://github.com/Keysight/Rhme-2016) - Rhme2 challenge (2016)
- [leechristensen/UnmanagedPowerShell](https://github.com/leechristensen/UnmanagedPowerShell) - Executes PowerShell from an unmanaged process
- [peperunas/injectopi](https://github.com/peperunas/injectopi) - A set of tutorials about code injection for Windows.
- [hasherezade/demos](https://github.com/hasherezade/demos) - Demos of various injection techniques found in malware
- [google/honggfuzz](https://github.com/google/honggfuzz) - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
- [mubix/post-exploitation](https://github.com/mubix/post-exploitation) - Post Exploitation Collection
- [hxp2k6/smart7ec-scan-console](https://github.com/hxp2k6/smart7ec-scan-console) - A plugin-based scanner written in C for Linux (Python/Lua plugins)
- [SpacehuhnTech/esp8266_deauther](https://github.com/SpacehuhnTech/esp8266_deauther) - Affordable WiFi hacking platform for testing and learning
- [hlldz/Phant0m](https://github.com/hlldz/Phant0m) - Windows Event Log Killer
- [s0lst1c3/eaphammer](https://github.com/s0lst1c3/eaphammer) - Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
- [LukaSikic/Unix-Privilege-Escalation-Exploits-Pack](https://github.com/LukaSikic/Unix-Privilege-Escalation-Exploits-Pack) - Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
- [kala13x/scap](https://github.com/kala13x/scap) - Network Sniffer (Scan and Capture Incoming Packets)
- [nmap/ncrack](https://github.com/nmap/ncrack) - Ncrack network authentication tool
- [SecWiki/windows-kernel-exploits](https://github.com/SecWiki/windows-kernel-exploits) - windows-kernel-exploits: a collection of Windows privilege escalation vulnerabilities
- [ele7enxxh/Android-Inline-Hook](https://github.com/ele7enxxh/Android-Inline-Hook) - thumb16 thumb32 arm32 inlineHook in Android
- [laginimaineb/cve-2015-6639](https://github.com/laginimaineb/cve-2015-6639) - QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)
- [deamwork/inetutils](https://github.com/deamwork/inetutils) - the copy of https://git.savannah.gnu.org/cgit/inetutils.git/ with knali support
- [traviscross/mtr](https://github.com/traviscross/mtr) - Official repository for mtr, a network diagnostic tool
- [kmyk/libproofofwork](https://github.com/kmyk/libproofofwork) - Simple hash-mining c library and its python binding.
- [boywhp/wifi_crack_windows](https://github.com/boywhp/wifi_crack_windows) - wifi crack project for windows
- [zcgonvh/NTDSDumpEx](https://github.com/zcgonvh/NTDSDumpEx) - NTDS.dit offline dumper with non-elevated
- [derrekr/android_security](https://github.com/derrekr/android_security) - Public Android Vulnerability Information (CVE PoCs etc)
- [googleprojectzero/winafl](https://github.com/googleprojectzero/winafl) - A fork of AFL for fuzzing Windows binaries
- [F-Stack/f-stack](https://github.com/F-Stack/f-stack) - F-Stack is a high-performance user space network development kit based on DPDK, the FreeBSD TCP/IP stack and a coroutine API.
- [mrschyte/pentestkoala](https://github.com/mrschyte/pentestkoala) - Modified dropbear server which acts as a client and allows authless login
- [openwall/john](https://github.com/openwall/john) - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
- [netblue30/firejail](https://github.com/netblue30/firejail) - Linux namespaces and seccomp-bpf sandbox
- [Azard/SE315-OperatingSystem](https://github.com/Azard/SE315-OperatingSystem) - SJTU-SE315 Operating System labs from MIT 6.828, by a SE12er.
- [gamelinux/passivedns](https://github.com/gamelinux/passivedns) - A network sniffer that logs all DNS server replies for use in a passive DNS setup
- [spacehuhn/wifi_ducky](https://github.com/spacehuhn/wifi_ducky) - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
- [danieljiang0415/android_kernel_crash_poc](https://github.com/danieljiang0415/android_kernel_crash_poc) -
- [robertfisk/USG](https://github.com/robertfisk/USG) - The USG is Good, not Bad
- [ossec/ossec-hids](https://github.com/ossec/ossec-hids) - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- [iovisor/bcc](https://github.com/iovisor/bcc) - BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
- [huntergregal/mimipenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux user
- [SamyPesse/How-to-Make-a-Computer-Operating-System](https://github.com/SamyPesse/How-to-Make-a-Computer-Operating-System) - How to Make a Computer Operating System in C++
- [nonstriater/Learn-Algorithms](https://github.com/nonstriater/Learn-Algorithms) - Algorithm study notes
- [wg/wrk](https://github.com/wg/wrk) - Modern HTTP benchmarking tool
## C# #
- [EncodeGroup/RegSave](https://github.com/EncodeGroup/RegSave) - A .NET implementation to dump SAM / SECURITY / SYSTEM registry hives
- [lintstar/SharpHunter](https://github.com/lintstar/SharpHunter) - Automated Hosting Information Hunting Tool - an automated Windows host information hunting tool
- [xhnbzdl/feishu-doc-export](https://github.com/xhnbzdl/feishu-doc-export) - Feishu document export service
- [h0ny/MobaXtermDecryptor](https://github.com/h0ny/MobaXtermDecryptor) - A simple MobaXterm password extraction tool.
- [1Remote/1Remote](https://github.com/1Remote/1Remote) - One Remote Access Manager to Rule Them All
- [rnchg/Apt](https://github.com/rnchg/Apt) - AI Productivity Tool - Free and open source, improve user productivity, protect privacy and data security. Provide efficient and convenient AI solutions, built-in local exclusive ChatGPT, Phi, DeepSee
- [decoder-it/KrbRelay-SMBServer](https://github.com/decoder-it/KrbRelay-SMBServer) -
- [murat-exp/EDR-Antivirus-Bypass-to-Gain-Shell-Access](https://github.com/murat-exp/EDR-Antivirus-Bypass-to-Gain-Shell-Access) - EDR & Antivirus Bypass to Gain Shell Access
- [lypd0/DeadPotato](https://github.com/lypd0/DeadPotato) - DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the
- [MInggongK/Penetration-mining-src](https://github.com/MInggongK/Penetration-mining-src) - A tool integrating multiple RCE exploits for H3C, Zhiyuan (致远), Weaver (泛微), Wanhu (万户), FanRuan (帆软), Hikvision (海康威视), Kingdee Cloud Galaxy (金蝶云星空), Chanjet (畅捷通), Struts and others
- [INotGreen/SharpScan](https://github.com/INotGreen/SharpScan) - Internal network asset collection, host liveness probing, port scanning, domain controller location, file search, brute-forcing of various services (SSH, SMB, MsSQL, etc.), SOCKS proxy; one-click automation plus fileless scanning
- [qwqdanchun/Pillager](https://github.com/qwqdanchun/Pillager) - Pillager is an information collection tool for the post-exploitation phase
- [StarfireLab/SharpWeb](https://github.com/StarfireLab/SharpWeb) - An export tool for browser data (passwords | history | cookies | bookmarks | download records); supports mainstream browsers.
- [Mangofang/BypassLoad](https://github.com/Mangofang/BypassLoad) - Shellcode AV-evasion loader that bypasses mainstream antivirus products
- [DeEpinGh0st/WindowsBaselineAssistant](https://github.com/DeEpinGh0st/WindowsBaselineAssistant) - Windows security baseline check and hardening assistant
- [mabangde/winlogparser](https://github.com/mabangde/winlogparser) - Windows log detection tool
- [Ridter/MSSQL_CLR](https://github.com/Ridter/MSSQL_CLR) - MSSQL CLR for pentest.
- [la00gke/DomainAuto-one](https://github.com/la00gke/DomainAuto-one) - Domain penetration automation module one, domain information collection.
- [0xb11a1/yetAnotherObfuscator](https://github.com/0xb11a1/yetAnotherObfuscator) - C# obfuscator that bypass windows defender
- [BeichenDream/GodPotato](https://github.com/BeichenDream/GodPotato) -
- [WesleyWong420/RedTeamOps-Havoc-101](https://github.com/WesleyWong420/RedTeamOps-Havoc-101) - Materials for the workshop "Red Team Ops: Havoc 101"
- [darktohka/FlashPatch](https://github.com/darktohka/FlashPatch) - FlashPatch! Play Adobe Flash Player games in the browser after January 12th, 2021.
- [daem0nc0re/TangledWinExec](https://github.com/daem0nc0re/TangledWinExec) - PoCs and tools for investigation of Windows process execution techniques
- [sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY](https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY) - Exploit for the CVE-2023-23397
- [Sq00ky/csharp-portscanner](https://github.com/Sq00ky/csharp-portscanner) - simple C# portscanner - written for playing around with Metasploit's Execute-Assembly
- [zcgonvh/DCOMPotato](https://github.com/zcgonvh/DCOMPotato) - Some Service DCOM Object and SeImpersonatePrivilege abuse.
- [zR00t1/WannaCry](https://github.com/zR00t1/WannaCry) - A WannaCry simulation virus written in C#, typically used in cybersecurity emergency response drills
- [lele8/SharpUserIP](https://github.com/lele8/SharpUserIP) - Retrieve logon logs from servers or domain controllers
- [mandiant/ADFSDump](https://github.com/mandiant/ADFSDump) -
- [rasta-mouse/SharpC2](https://github.com/rasta-mouse/SharpC2) - Command and Control Framework written in C#
- [bugch3ck/SharpEfsPotato](https://github.com/bugch3ck/SharpEfsPotato) - Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
- [RikunjSindhwad/MSSQL-Attacker](https://github.com/RikunjSindhwad/MSSQL-Attacker) - MSSQL Database Attacker tool
- [F3eev/SharkExec](https://github.com/F3eev/SharkExec) - Internal network penetration | red team tool | C# in-memory loading | cobaltstrike
- [BornToBeRoot/NETworkManager](https://github.com/BornToBeRoot/NETworkManager) - A powerful tool for managing networks and troubleshooting network problems!
- [netwrix/PingCastleCloud](https://github.com/netwrix/PingCastleCloud) - Audit program for AzureAD
- [BeichenDream/SharpToken](https://github.com/BeichenDream/SharpToken) - Windows Token Stealing Expert
- [casbin-net/redis-adapter](https://github.com/casbin-net/redis-adapter) - Redis adapter for Casbin.NET
- [pwn1sher/frostbyte](https://github.com/pwn1sher/frostbyte) - FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
- [CervantesSec/cervantes](https://github.com/CervantesSec/cervantes) - Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients
- [xpn/AppProxyC2](https://github.com/xpn/AppProxyC2) -
- [improsec/SharpEventPersist](https://github.com/improsec/SharpEventPersist) - Persistence by writing/reading shellcode from Event Log
- [EricZimmerman/evtx](https://github.com/EricZimmerman/evtx) - C# based evtx parser with lots of extras
- [Ryze-T/CNVD-2022-10270-LPE](https://github.com/Ryze-T/CNVD-2022-10270-LPE) - Local privilege escalation based on the Sunlogin (向日葵) RCE; no port needs to be specified
- [Hagrid29/DuplicateDump](https://github.com/Hagrid29/DuplicateDump) - Dumping LSASS with a duplicated handle from custom LSA plugin
- [fox-it/LDAPFragger](https://github.com/fox-it/LDAPFragger) -
- [nettitude/SharpWSUS](https://github.com/nettitude/SharpWSUS) -
- [SpecterOps/SharpHoundCommon](https://github.com/SpecterOps/SharpHoundCommon) - Common library used by SharpHound.
- [nettitude/MalSCCM](https://github.com/nettitude/MalSCCM) -
- [Viralmaniar/DDWPasteRecon](https://github.com/Viralmaniar/DDWPasteRecon) - DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's
- [Dec0ne/KrbRelayUp](https://github.com/Dec0ne/KrbRelayUp) - KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
- [whitesquirrell/C0deVari4nt](https://github.com/whitesquirrell/C0deVari4nt) - A variant analysis and visualisation tool that scans codebases for similar vulnerabilities
- [arsium/EagleMonitorRAT](https://github.com/arsium/EagleMonitorRAT) - Remote Access Tool Written In C#
- [onSec-fr/Http-Asynchronous-Reverse-Shell](https://github.com/onSec-fr/Http-Asynchronous-Reverse-Shell) - [POC] Asynchronous reverse shell using the HTTP protocol.
- [yck1509/ConfuserEx](https://github.com/yck1509/ConfuserEx) - An open-source, free protector for .NET applications
- [daem0nc0re/AtomicSyscall](https://github.com/daem0nc0re/AtomicSyscall) - Tools and PoCs for Windows syscall investigation.
- [scotty-kdw/ARM-Analyzer](https://github.com/scotty-kdw/ARM-Analyzer) - Backward Taint Analysis (GUI) on Desktop : Analyzing trace log to determine exploitability by tracking data propagation
- [RowTeam/SharpDecryptPwd](https://github.com/RowTeam/SharpDecryptPwd) - SharpDecryptPwd source, To Decrypt Navicat,Xmanager,Filezilla,Foxmail,WinSCP,etc
- [Gr1mmie/AtlasC2](https://github.com/Gr1mmie/AtlasC2) - C# C2 Framework centered around Stage 1 operations
- [wwh1004/ExtremeDumper](https://github.com/wwh1004/ExtremeDumper) - .NET Assembly Dumper
- [netero1010/ScheduleRunner](https://github.com/netero1010/ScheduleRunner) - A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
- [Group3r/Group3r](https://github.com/Group3r/Group3r) - Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
- [JDArmy/SharpXDecrypt](https://github.com/JDArmy/SharpXDecrypt) - Password recovery tool for all Xshell versions
- [cube0x0/KrbRelay](https://github.com/cube0x0/KrbRelay) - Framework for Kerberos relaying
- [0xthirteen/SharpStay](https://github.com/0xthirteen/SharpStay) - .NET project for installing Persistence
- [skahwah/SQLRecon](https://github.com/skahwah/SQLRecon) - A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
- [tothi/SharpStay](https://github.com/tothi/SharpStay) - .NET project for installing Persistence
- [dqcostin/SharpGetinfo](https://github.com/dqcostin/SharpGetinfo) - A tool for workgroup and domain information collection
- [Flangvik/CobaltBus](https://github.com/Flangvik/CobaltBus) - Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
- [ly4k/SpoolFool](https://github.com/ly4k/SpoolFool) - Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
- [py7hagoras/GetSystem](https://github.com/py7hagoras/GetSystem) - This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.
- [mrd0x/EvilSelenium](https://github.com/mrd0x/EvilSelenium) - EvilSelenium is a tool that weaponizes Selenium to attack Chromium based browsers.
- [jfmaes/AmsiHooker](https://github.com/jfmaes/AmsiHooker) - Hookers are cooler than patches.
- [VbScrub/Rubeus-GUI](https://github.com/VbScrub/Rubeus-GUI) - GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements
- [pengw0048/WechatExport-iOS](https://github.com/pengw0048/WechatExport-iOS) - Save iOS WeChat history as HTML or TXT with neat layout and picture & audio support.
- [snovvcrash/MirrorDump](https://github.com/snovvcrash/MirrorDump) - Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
- [mandiant/SharPersist](https://github.com/mandiant/SharPersist) -
- [An0nySec/UserAdd](https://github.com/An0nySec/UserAdd) - User addition with AV bypass
- [daem0nc0re/PrivFu](https://github.com/daem0nc0re/PrivFu) - Kernel mode WinDbg extension and PoCs for token privilege investigation.
- [pwn1sher/WMEye](https://github.com/pwn1sher/WMEye) - WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
- [bohops/RogueAssemblyHunter](https://github.com/bohops/RogueAssemblyHunter) - Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
- [VollRagm/KernelBypassSharp](https://github.com/VollRagm/KernelBypassSharp) - C# Kernel Mode Driver to read and write memory in protected processes
- [punk-security/smbeagle](https://github.com/punk-security/smbeagle) - SMBeagle - Fileshare auditing tool.
- [evi1ox/sharpNetstat](https://github.com/evi1ox/sharpNetstat) -
- [Jumbo-WJB/SharpAllowedToAct-Modify](https://github.com/Jumbo-WJB/SharpAllowedToAct-Modify) - resource-based constrained delegation RBCD
- [Ridter/SharpAddDomainMachine](https://github.com/Ridter/SharpAddDomainMachine) - SharpAddDomainMachine
- [cube0x0/noPac](https://github.com/cube0x0/noPac) - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
- [matterpreter/FindETWProviderImage](https://github.com/matterpreter/FindETWProviderImage) - Quickly search for references to a GUID in DLLs, EXEs, and drivers
- [A-D-Team/SharpMemshell](https://github.com/A-D-Team/SharpMemshell) - Memshell
- [daem0nc0re/SharpWnfSuite](https://github.com/daem0nc0re/SharpWnfSuite) - C# Utilities for Windows Notification Facility
- [FDlucifer/Proxy-Attackchain](https://github.com/FDlucifer/Proxy-Attackchain) - Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)
- [hackthedev/teardrop](https://github.com/hackthedev/teardrop) - Open-Source Ransomware Project for learning purposes only, written in C# (csharp). Don't use it for bad things.
- [Jhangju/bypass-sandbox-antivirus-detection-using-human-interaction-technique-by-cheking-mouse-movement](https://github.com/Jhangju/bypass-sandbox-antivirus-detection-using-human-interaction-technique-by-cheking-mouse-movement) - This project checks for mouse movement; once it reaches 100 pixels it starts cmd.exe and chrome.exe. Just to give an idea that some sandboxes do not simulate mouse movements.
- [DamonMohammadbagher/NativePayload_ReverseShell](https://github.com/DamonMohammadbagher/NativePayload_ReverseShell) - This is simple C# source code to bypass almost "all" AVs (Kaspersky v19, Eset v12 v13, Trend-Micro v16, Comodo & Windows Defender bypassed via this method, very simple)
- [Kara-4search/MappingInjection_CSharp](https://github.com/Kara-4search/MappingInjection_CSharp) - MappingInjection via csharp
- [tedyyu/ProcDumpEx](https://github.com/tedyyu/ProcDumpEx) - ProcDumpEx = ProcDump in batch mode
- [rasta-mouse/ExternalC2.NET](https://github.com/rasta-mouse/ExternalC2.NET) - .NET implementation of Cobalt Strike's External C2 Spec
- [ldqk/Masuit.Tools](https://github.com/ldqk/Masuit.Tools) - An all-ages-friendly C# universal utility library ("code toast library") containing commonly used operation classes, most of them static: encryption/decryption, reflection helpers, weighted random selection, distributed short IDs, expression trees, LINQ extensions, file compression, multithreaded download, hardware information, string extension methods, date/time extensions, Chinese lunar calendar, large-file copy, image cropping, captcha, resumable transfer, collection extensions, Excel export and other common wrappers. Many features in one, with less than 2MB of code!
- [ryhanson/ExternalC2](https://github.com/ryhanson/ExternalC2) - A library for integrating communication channels with the Cobalt Strike External C2 server
- [chr0n1k/AH2021Workshop](https://github.com/chr0n1k/AH2021Workshop) - Malware development for red teaming workshop
- [CanIPhish/Phishious](https://github.com/CanIPhish/Phishious) - An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
- [knight0x07/ImpulsiveDLLHijack](https://github.com/knight0x07/ImpulsiveDLLHijack) - C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The hijacked paths discovered can later be weaponized during Red Team Operations to evade EDRs.
- [iomoath/PowerShx](https://github.com/iomoath/PowerShx) - Run Powershell without software restrictions.
- [leechristensen/SpoolSample](https://github.com/leechristensen/SpoolSample) - PoC tool to coerce Windows hosts to authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
- [plackyhacker/Shellcode-Injection-Techniques](https://github.com/plackyhacker/Shellcode-Injection-Techniques) - A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some tec
- [p0dalirius/LDAPmonitor](https://github.com/p0dalirius/LDAPmonitor) - Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
- [plackyhacker/Suspended-Thread-Injection](https://github.com/plackyhacker/Suspended-Thread-Injection) - Another meterpreter injection technique using C# that attempts to bypass Defender
- [0x727/SchTask_0x727](https://github.com/0x727/SchTask_0x727) - Create hidden scheduled tasks for persistence, bypassing AV
- [7hr0wer/ProxyValidator](https://github.com/7hr0wer/ProxyValidator) - A simple multithreaded proxy validation tool written in C#.
- [tevora-threat/SharpView](https://github.com/tevora-threat/SharpView) - C# implementation of harmj0y's PowerView
- [pornin/paradox-compress](https://github.com/pornin/paradox-compress) - Paper and Demo Implementation of Paradoxical Compression with VDF
- [StarZHF/Foxmail-Password-Recovery](https://github.com/StarZHF/Foxmail-Password-Recovery) -
- [zacateras/sddl-parser](https://github.com/zacateras/sddl-parser) - Security Descriptor Definition Language (SDDL) Parser
- [pentest-tools-public/Pass-to-hash-EWS](https://github.com/pentest-tools-public/Pass-to-hash-EWS) -
- [GhostPack/SharpDPAPI](https://github.com/GhostPack/SharpDPAPI) - SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
- [lassehauballe/Eternalblue](https://github.com/lassehauballe/Eternalblue) - Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010
- [ChoiSG/SharpJfmaesWorkshop](https://github.com/ChoiSG/SharpJfmaesWorkshop) - things I learned from @jfmaes's .NET reflection workshop - thank you for the great workshop
- [RiccardoAncarani/LiquidSnake](https://github.com/RiccardoAncarani/LiquidSnake) - LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
- [waf/CSharpRepl](https://github.com/waf/CSharpRepl) - A command line C# REPL with syntax highlighting – explore the language, libraries and nuget packages interactively.
- [eladshamir/Whisker](https://github.com/eladshamir/Whisker) - Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
- [evilashz/SharpADUserIP](https://github.com/evilashz/SharpADUserIP) - Extract DC logs to quickly obtain the IP addresses corresponding to domain users
- [iomoath/SharpSpray](https://github.com/iomoath/SharpSpray) - Active Directory password spraying tool. Auto fetches user list and avoids potential lockouts.
- [GhostPack/RestrictedAdmin](https://github.com/GhostPack/RestrictedAdmin) - Remotely enables Restricted Admin Mode
- [X-C3LL/xlsxPoison](https://github.com/X-C3LL/xlsxPoison) - Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)
- [fozavci/WeaponisingCSharp-Fundamentals](https://github.com/fozavci/WeaponisingCSharp-Fundamentals) - Weaponising C# - Fundamentals Training Content
- [bitsadmin/fakelogonscreen](https://github.com/bitsadmin/fakelogonscreen) - Fake Windows logon screen to steal passwords
- [YDHCUI/csload.net](https://github.com/YDHCUI/csload.net) - A cobaltstrike shellcode loader that bypasses mainstream Chinese antivirus products
- [EncodeGroup/UAC-SilentClean](https://github.com/EncodeGroup/UAC-SilentClean) - New UAC bypass for Silent Cleanup for CobaltStrike
- [deadjakk/Reg1c1de](https://github.com/deadjakk/Reg1c1de) - Registry permission scanner written in C# for finding potential privesc avenues within registry
- [mai1zhi2/SharpBeacon](https://github.com/mai1zhi2/SharpBeacon) - CobaltStrike Beacon writ