Crispr's Projects
Reflective DLL implementation of PrintSpoofer, for use with Cobalt Strike
Privilege Escalation Enumeration Script for Windows
Kernel mode WinDbg extension and PoCs for token privilege investigation.
ProcessMonitor
Sample code for process injection and shellcode injection, for practice and familiarization
Bypass firewall for traffic forwarding using webshell. An egress tool that forwards traffic through a webshell
CVE-2023-34312
QQ manager arbitrary file delete
Cobalt Strike random C2 Profile generator
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
Tools & Interesting Things for RedTeam Ops
Materials for the workshop "Red Team Ops: Havoc 101"
A record of some of the tools I have written or modified
Statically-linked ssh server with reverse shell functionality for CTFs and such
Exploring RPC interfaces on Windows
Trying to tame the three-headed dog.
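“The world's most loved language six years running, no GC and no manual memory management, extremely high performance and safety, procedural/OO/functional programming, excellent package management, a cornerstone of the future of JS” — try Rust as a second language outside of work. <<Rust语言圣经>> (the Rust Language Bible) offers comprehensive, in-depth explanations, vivid and fitting examples, content as silky smooth as Dove chocolate, and even dedicated topics on WASM and Deno for JS programmers. This may be the most carefully crafted open-source Chinese Rust tutorial available today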
Active Directory data collector for BloodHound written in Rust. 🦀
Cobalt Strike script for ScareCrow payloads (EDR/AV evasion)
Find usable trusted (whitelisted) files
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
A list for Web Security and Code Audit
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
Also known by Microsoft as Knifecoat :hot_pepper:
Parses the saved passwords of certain programs on Windows systems, including Navicat, TeamViewer, FileZilla, WinSCP, and the Xmanager product family (Xshell, Xftp).
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
ShellCode Loader for MSF and Cobalt Strike
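An in-memory shellcode loader implemented in Golang, providing three in-memory shellcode loading methods: UUID loading, MAC loading and IPv4 loading. Currently bypasses mainstream antivirus software (including Windows Defender)
Automated information-gathering tool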