【WorkWin】https://www.vipshare.com/
【NetSupportManager】https://www.netsupportmanager.com/zh-CN/
https://github.com/quasar/Quasar
https://github.com/n1nj4sec/pupy
https://github.com/Cr4sh/MicroBackdoor
https://github.com/orangetw/tsh
https://github.com/yuanyuanxiang/SimpleRemoter
https://github.com/Cc28256/CcRemote
https://github.com/rapid7/metasploit-framework
https://github.com/BishopFox/sliver
https://github.com/HavocFramework/Havoc
https://github.com/HackerCalico/Magic_C2
1、启动文件夹
2、注册表
3、服务
4、任务计划
1、写入ssh公钥
https://github.com/The-Z-Labs/linux-exploit-suggester
https://github.com/jondonas/linux-exploit-suggester-2
https://github.com/liamg/traitor
https://github.com/peass-ng/PEASS-ng/tree/master/linPEAS
https://gtfobins.github.io/
https://github.com/Ascotbe/Kernelhub
https://github.com/SecWiki/windows-kernel-exploits
https://forum.butian.net/share/860
https://github.com/uknowsec/SweetPotato
https://github.com/CodeSecurityTeam/frp
https://github.com/jpillora/chisel
https://github.com/zema1/suo5
https://github.com/L-codes/Neo-reGeorg
ASPX网站数据库密码加密存储
https://github.com/aleenzz/InjectSQLServer
https://github.com/GhostPack/Seatbelt
https://github.com/shadow1ng/fscan
nltest
域环境下常规打法:上传bloodbound客户端搜集域内信息,把结果回传本地后,利用kali的bloodbound服务端解析,分析域内的薄弱环节
【免杀的】横向移动命令执行
https://github.com/rootclay/WMIHACKER
https://github.com/safe6Sec/command
https://mp.weixin.qq.com/s/tqd9jJJv4bmzN6xVdpGDow