ro0tmylove's Projects
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
2022 护网行动 POC 整理
All Alfa Tesla / Team Web Shell Backdoors
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
Heavily obfuscated ASP web shell generation tool.
avList - 杀软进程对应杀软名称
A collection of Awesome Google Dorks.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
A collection of awesome penetration testing resources, tools and other shiny things
Leaked source code of the babuk ransomware by VXUG
A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.
Binance auto-withdraw phishing
PentestNotes
BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen
A repository that includes all the important wordlists used while bug hunting.
This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
猫猫Cs:基于Cobalt Strike[4.5]二开 (原dogcs二开移植)
使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。
代码审计
A proof-of-concept malicious Chrome extension
[BIG UPDATE] A discord token grabber, crypto wallet stealer, cookie stealer, password stealer, file stealer etc. app written in Python.
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
CVE-2021-22205& GitLab CE/EE RCE
CVE-2021-3156: Sudo heap overflow exploit for Debian 10
Sudo Baron Samedit Exploit
CVE-2021-4034 1day
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.