post-exploitation

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

fsociety Hacking Tools Pack – A Penetration Testing Framework

An open-source post-exploitation framework for students, researchers and developers.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

A tool to dump the login password from the current linux user

An evil RAT (Remote Administration Tool) for macOS / OS X.

Viper (炫彩蛇) 开源图形化内网渗透工具

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

venom - C2 shellcode generator/compiler/handler

C2/post-exploitation framework

Bash post exploitation toolkit

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

A Python Package for Data Exfiltration

Load shellcode into a new process

linux post-exploitation framework made by linux user

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

Sifter aims to be a fully loaded Op Centre for Pentesters

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A framework for Backdoor development!

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Orc is a post-exploitation framework for Linux written in Bash

Network Pivoting Toolkit

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.