SaiRson's Projects
Command and Control Framework written in C#.
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
Pass the Hash to a named pipe for token Impersonation
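C# reflective DLL loading
A Golang-based in-memory shellcode loader implementing three in-memory shellcode loading methods: UUID loading, MAC loading and IPv4 loading. Currently bypasses mainstream antivirus products (including Windows Defender)
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.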
Adversary Emulation Framework
SMBGhost (CVE-2020-0796) Automate Exploitation and Detection
SOCKS Protocol Version 5 Library in Go. Full TCP/UDP and IPv4/IPv6 support
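Collection or authoring of PoCs and exploits for various vulnerabilities
A simple and powerful multi-protocol bidirectional proxy tool
Techniques for turning a Spring Boot fat JAR arbitrary file write vulnerability into stable RCE
This project is written from the LandGrey/SpringBootVulExploit checklist, with the aim of exploiting vulnerabilities quickly during hvv exercises and lowering the barrier to exploitation.
Spring Boot vulnerability study materials, a collection of exploitation methods and techniques, and a black-box security assessment checklist
Some test files for the starguard command and control framework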
Stop Windows Defender programmatically
Struts2 vulnerability scanning and exploitation tool, Golang version. Struts2 Scanner Written in Golang
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
A tool for extracting Sunlogin identification codes and verification codes
A high performance http-socks tunnel
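Various weak-password dictionaries distilled from real-world engagements
A roundup of some offensive vulnerabilities affecting mainstream vendors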
A Swagger API Exploit
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
AV/EDR evasion via direct system calls.
AV/EDR evasion via direct system calls.
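Essential automated bounty-hunting techniques for vulnerability platforms in China and abroad; read them and put them into practice, and collecting bounties becomes as easy as drinking water.
TaiO is positioned as a cyberspace mapping tool that lets the attacking side inventory target assets and quickly locate vulnerable ones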