CheatSheet

Cheat Sheet

编译命令_Go

go install mvdan.cc/garble@latest

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
# garble
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 garble -tiny -literals -seed=random build -ldflags "-s -w -H=windowsgui" -trimpath -o hello-grable.exe

CGO_ENABLED=0 GOOS=windows GOARCH=amd64 garble -seed=random build -ldflags "-s -w -H=windowsgui" -trimpath -o hello-grable.exe

# go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags "-s -w -H=windowsgui" -trimpath

## windows
set CGO_ENABLED=0 && set GOOS=windows && set GOARCH=amd64 && go build -ldflags "-s -w -H=windowsgui" -trimpath 

devenv.exe

Devenv command line switches - Visual Studio | Microsoft Learn

1
devenv /build Release .\Project.sln

系统和软件包自动换源

1
2
curl -LO https://gitee.com/RubyMetric/chsrc/releases/download/pre/chsrc_latest-1_amd64.deb
sudo sudo dpkg -i chsrc_latest-1_amd64.deb

docker

1
2
3
4
curl https://get.docker.com/ | sh

# 换源（可选）
sudo chsrc set dockerhub

go

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
#!/bin/bash
set -e
# Install snap if missing
if ! command -v snap &>/dev/null; then
    echo "Installing snap..."
    sudo apt update && sudo apt install snapd -y
fi
# Install latest Go via snap
sudo snap install --classic go
# Add Go to PATH for current session
export PATH=$PATH:/snap/bin
echo "✅ Go installed: $(go version)"

projectdiscovery

1
2
go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest
pdtm -ia

gowitness

1
go install github.com/sensepost/gowitness@latest

1
gowitness scan file -f targets.txt --threads 5 --write-db

用于更新平时在 github、x 看到的项目、技巧等

https://pauljerimy.com/security-certification-roadmap/ - 证书表格

https://ntdoc.m417z.com/ - Nt 文档

https://github.com/Flangvik/SharpCollection - C# 工具集

命令帮助

rubeus.exe - sharphound.exe - sqlrecon.exe - sigthief.py

信息搜集

Google Dorks for Bug Bounty - Google Dorks 语法自动生成工具
https://github.com/msd0pe-1/cve-maker - cve 搜索工具
https://github.com/vdjagilev/nmap-formatter - xml2cvs、json、html
https://github.com/projectdiscovery/httpx - 存活、标题、指纹、技术探测

利用

https://github.com/projectdiscovery/nuclei - 基于模板的 POC 验证工具

规避杀软

Nim

icyguider/Nimcrypt2: .NET, PE, & Raw Shellcode Packer/Loader Written in Nim

aeverj/NimShellCodeLoader: 使用nim编写的shellcode加载器

Cobalt Strike

BOF

https://github.com/ajpc500/BOFs - Collection of Beacon Object Files

插件

https://github.com/0xthirteen/MoveKit - 横向移动

https://github.com/yutianqaq/CSx3Ldr - 免杀 Nim