notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1200多个poc/exp，长期更新。

Demo proof of concept for shadow regions, and implementation of HyperDeceit.

Find .net assemblies locally

Build browser extensions easily with Blazor.

XLL Phishing Tradecraft

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

This repo covers some code execution and AV Evasion methods for Macros in Office documents

Arsenal is just a quick inventory and launcher for hacking programs

A powerful obfuscator for JavaScript and Node.js

C# as you know it but with Go-inspired tooling (small, selfcontained, and native executables)

Shikata ga nai (仕方がない) encoder ported into go with several improvements

Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET

Direct Memory Access (DMA) Attack Software

MemProcFS

A basic CS:GO ESP utilising DMA and HDMI-Overlay

More than a ReClass port to the .NET platform.

xlrd2 is a variant of xlrd that is actively maintained

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

Ghidra is a software reverse engineering (SRE) framework