Getting Started With Chrome DevTools Protocol

🎯 PHP / ASP - Shell Backdoor List 🎯

awesome list of browser exploitation tutorials

NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.

Java 内存马开聚会 🎉

Attach an executable file and use JavaScript to download the attachment

助力红队成员一键生成免杀木马，使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan

Python library to convert elf to os-independent shellcodes

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组

Redis 漏洞利用工具

Java Js Engine Payloads All in one

game of active directory

DPAPI looting remotely and locally in Python

Dump cookies and credentials directly from Chrome/Edge process memory

yep full list of virustotal machines, OG REPO

A list of Domain Frontable Domains by CDN

Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

Because AV evasion should be easy.

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

My experiments in weaponizing Nim (https://nim-lang.org/)

Perfect DLL Proxying using forwards with absolute paths.

Repository of attack and defensive information for Business Email Compromise investigations

关于红队方面的学习资料

Everything and anything related to password spraying

Loading BOF & ShellCode without executable permission memory.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws