hdks-bug / hermit

AV bypass while you sip your Chai!

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

#计算机科学#Multi-tool for semantic search

基于 OPSEC 的 CobaltStrike 后渗透自动化链

A readline wrapper

A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.

AD ACL abuse

Hardcore Debugging

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Docker 中运行 Windows 操作系统

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly

BYOVD process killer

The Network Execution Tool

kunwu是新一代webshell检测引擎，使用了内置了模糊规则、污点分析模拟执行、机器学习三种高效的检测策略

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.