Name: backlion
Type: User
Company: 渗透测试研究中心公众号【渗透测试研究中心】
Bio: Penetration Testing,WEB Security Research,Red Team, penetration testing and Research Center --->>http://www.cnblogs.com/backlion
Location: **成都
Blog: http://www.cnblogs.com/backlion
backlion's Projects
冰蝎v1.0
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
CobaltStrike 4.0 - 4.5 Patch
Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
PowerShell Conference EU 2016 Slides and Demo Scripts
PowerShell Conference Europe 2018 Slides and Demo Scripts
2019 年 5 月 11 日防灾科技学院 “应急挑战杯” 大学生网络安全邀请赛 AWD 靶机题目。
2021 hw
2023 HVV情报速递~
c++免杀绕过360,vt爆4个
利用inline hook免杀绕过360,vt爆3个
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本,用于节省红队人员工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
Tool for extracting information from newly spawned processes
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
对安卓APP注入MSF PAYLOAD,并且对手机管家进行BYPASS。
把msf生成的安卓远控附加进普通的app中,并进行加固隐藏特征。可以绕过常见的手机安全管家。
7kbscan-WebPathBrute Web路径暴力探测工具
extract information from password-protected .7z archives (and .sfx files) such that you can crack these "hashes" with hashcat
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Artifact analysis tools by JPCERT/CC Analysis Center
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
TCP tunneling over HTTP/HTTPS for web application servers
支持Nginx、Apache、Tomcat等标准WEB日志的分析
POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
Active Directory ACL exploitation with BloodHound
A pure Unix shell script implementing ACME client protocol
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.