This is your work, valued
CVE-2021-33564. Argument Injection in Dragonfly Ruby Gem
★ 16CIP_Fuzzer. A Simple Fuzzer built on scapy-cip-enip from scy-phy
★ 2CTF. Writeups of some CTF challenges
★ 1copy-fail-CVE-2026-31431. Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code
★ 4kChrome-App-Bound-Encryption-Decryption. Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-mode, no admin required.
★ 1.7kctf-agent. Autonomous CTF solver that races multiple AI models in parallel. 1st place BSidesSF 2026.
★ 613Awesome-AI-Hacking-Agents. List of AI Hacking Agents
★ 572gpoParser. gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory environment.
★ 365smbtakeover. BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
★ 362wspcoerce. wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP
★ 140Being-A-Good-CLR-Host. C
★ 141system-prompts-and-models-of-ai-tools. FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI, VSCode Agent, Warp.dev, Windsurf, Xcode, Z.ai Code, Dia & v0. (And other Open Sourced) System Prompts, Internal Tools & AI Models
★ 142kBadSuccessor. PowerShell
★ 268Pentest-Tools-Collection. PowerShell
★ 903sliver. Adversary Emulation Framework
★ 11kRedirectThread. Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techniques
★ 205EDR-Preloader. An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
★ 553NativeDump. Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
★ 739blindsight. Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
★ 246Loki. 🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
★ 1.4kBFScan. Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.
★ 256convoC2. C2 infrastructure over Microsoft Teams.
★ 755ccmpwn. Python
★ 222ComDotNetExploit. A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases bypassing code integrity checks and loading malicious payloads in highly protected processes such as LSASS. Based on research from James Forshaw.
★ 337Coercer. A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
★ 2.3kMisconfiguration-Manager. Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
★ 1.2kDEFCON-31-Syscalls-Workshop. Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
★ 765SharpUnhooker. C# Based Universal API Unhooker
★ 408Krueger. Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
★ 435LLM4Decompile. Reverse Engineering: Decompiling Binary Code with Large Language Models
★ 6.8kgenesis-world. Simulation platform for general-purpose robotics & embodied AI learning.
★ 30kWADComs.github.io. WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
★ 1.7koxml_xxe. A tool for embedding XXE/XML exploits into different filetypes
★ 1.2kCertipy. Tool for Active Directory Certificate Services enumeration and abuse
★ 3.6kPassTheCert. Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
★ 762GOAD. game of active directory
★ 8kIl2CppDumper. Unity il2cpp reverse engineer
★ 9.2kfrida-il2cpp-bridge. A Frida module to dump, trace or hijack any IL2CPP application at runtime, without needing the global-metadata.dat file
★ 1.7kCpp2IL. Work-in-progress tool to reverse unity's IL2CPP toolchain.
★ 2.5kdnSpy. Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
★ 11kbadsecrets. A library for detecting known secrets across many web frameworks
★ 811ddddocr. 带带弟弟 通用验证码识别OCR pypi版
★ 14kchisel. A fast TCP/UDP tunnel over HTTP
★ 16kDNN-decompiler. BTD - Bin To DNN: A DNN Executables Decompiler
★ 200silent-spring. Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
★ 75CVE-2023-4634. CVE-2023-4634
★ 47rp. rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
★ 2.2kAmsi-Killer. Lifetime AMSI bypass
★ 680HWSyscalls. HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
★ 735ShellGhost. A memory-based evasion technique which makes shellcode invisible from process start to end.
★ 1.2ksecurity-research. This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
★ 4.6kJackalope. Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android
★ 1.4ksemgrep-rules. A collection of my Semgrep rules to facilitate vulnerability research.
★ 828SAST. 《深入理解SAST静态应用安全测试》Static Application Security Testing.
★ 398graudit. grep rough audit - source code auditing tool
★ 1.7kImHex. 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
★ 54ksemgrep-rules. Java
★ 247collisions. Hash collisions and exploitations
★ 3.4kpocs. Proof of Concepts (PE, PDF...)
★ 1.6ksimple-railway-captcha-solver. 實作基於CNN的台鐵訂票驗證碼辨識以及透過模仿及資料增強的訓練集產生器 (Simple captcha solver based on CNN and a training set generator by imitating the style of captcha and data augmentation)
★ 816MapleShark. MapleShark is a MapleStory sniffer that works with SharpPcap. Sniff dem packetzz!
★ 119GuidedHacking-Injector. The BEST DLL Injector Library.
★ 1.4kawesome-game-security. awesome game security [Welcome to PR]
★ 3.1kAntiCheat-Testing-Framework. Framework to test any Anti-Cheat
★ 822ReClass.NET. More than a ReClass port to the .NET platform.
★ 2.2kwindows-syscalls. Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
★ 2.6kHypervisor-From-Scratch. Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials
★ 2.6kPHP_INCLUDE_TO_SHELL_CHAR_DICT. PHP
★ 349Auto_Wordlists. Python
★ 1.4kfollina.py. POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
★ 1.1kShhhloader. Syscall Shellcode Loader (Work in Progress)
★ 1.3knanodump. The swiss army knife of LSASS dumping
★ 2.1kCovenant. Covenant is a collaborative .NET C2 framework for red teamers.
★ 4.7kcloudgoat. CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
★ 3.7kC0deVari4nt. A variant analysis and visualisation tool that scans codebases for similar vulnerabilities
★ 73SpringShell. Spring4Shell - Spring Core RCE - CVE-2022-22965
★ 131Security-PPT. Security-related Slide Presentation & Security Research Report(大安全各领域各公司各会议分享的PPT以及各类安全研究报告)
★ 3.6ktabby. A CAT called tabby ( Code Analysis Tool )
★ 1.7kjavaweb-sec. Java
★ 1.1khttp2smugl. Go
★ 561slither. Static Analyzer for Solidity and Vyper
★ 6.3kpublications. Publications from Trail of Bits
★ 1.9kSpoolFool. Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
★ 793Source-and-Fuzzing. 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..
★ 1.1kPachine. Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
★ 276joern. Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
★ 3.3kquine-relay. An uroboros program with 100+ programming languages
★ 15kxrop. Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC
★ 308Portspoof. Portspoof
★ 2.4kFuzzing101. An step by step fuzzing tutorial. A GitHub Security Lab initiative
★ 3.8kclient-side-prototype-pollution. Prototype Pollution and useful Script Gadgets
★ 1.6kgau. Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
★ 5kEyeWitness. EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
★ 5.8kOffensiveVBA. This repo covers some code execution and AV Evasion methods for Macros in Office documents
★ 1.3kCredBandit. Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
★ 219gadgetinspector. A byte code analyzer for finding deserialization gadget chains in Java applications
★ 1.1kAwesome-WAF. Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥
★ 7.5kweggli. weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
★ 2.5kSharpGPOAbuse. SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
★ 1.3kjwt-hack. JSON Web Token Hack Toolkit
★ 1krestler-fuzzer. RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
★ 2.9kgixy. Nginx configuration static analyzer
★ 8.6kJDBC-Attack. JDBC Connection URL Attack
★ 451