A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A Gradio web UI for Large Language Models.

リアルタイムボイスチェンジャー Realtime Voice Changer

A swiss army knife for pentesting networks

Stable Diffusion built-in to Blender

Technical Analysis Indicators - Pandas TA is an easy to use Python 3 Pandas Extension with 150+ Indicators

Scanning APK file for URIs, endpoints & secrets.

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Mimikatz implementation in pure Python

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

OSINT Tool for Finding Passwords of Compromised Email Addresses

Stealing Signatures and Making One Invalid Signature at a Time

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

Hacking tools pack & backdoors generator.

Financial Data Extraction from Investing.com with Python

Run PowerShell command without invoking powershell.exe

DKMC - Dont kill my cat - Malicious payload evasion tool

A PoC backdoor that uses Gmail as a C&C server

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

实时监控github上新增的cve、自定义关键字、安全工具更新、大佬仓库监控，并多渠道推送通知

LinkedIn Recon Tool

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Python / C# Unmanaged PowerShell based RAT

Open source pre-operation C2 server based on python and powershell

Server for the ListenBrainz project, including the front-end (javascript/react) code that it serves and all of the data processing components that LB uses.

WPScan rewritten in Python + some WPSeku ideas

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

Automated Tinder bot and scraper using selenium in python.