Local privilege escalation via PetitPotam (Abusing impersonate privileges).

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

COM Hijacking VOODOO

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

🔥📜 Forbidden collection of Red Team sorcery 📜🔥

Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.

Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options

PIC shellcode (C/C++) development toolkit designed for malware developers.

A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON

Cross-platform RAT, written in C

UUID based Shellcode loader for your favorite C2

Red Team Operation's Defense Evasion Technique.

An opensource Prank Startup Malware for windows developed using C Programming Language.

Run it before you bypassUAC

Driver + DLL which allows us to open handles to callback-protected processes

ExploitHawk is a powerful terminal-based exploit search tool for ethical hacking and red team operations, designed for Linux distributions(Debian, Rhel, Arch)

Khyber Pass is a Penetration Testing tool designed to intercept password changes on Linux systems. It effectively filters the passwd command to capture any passwords entered by the user and sends them to a specified Discord Webhook for monitoring purposes.

a x-platform command-line tool for extracting shellcode from PE files

A way to bypass defender and get your shellcode in memory before its caged in AV hell.

Colección de herramientas y scripts enfocados al Red-Team y CTFs