post-exploitation

A collection of hacking tools, resources and references to practice ethical hacking.

fsociety Hacking Tools Pack – A Penetration Testing Framework

An open-source post-exploitation framework for students, researchers and developers.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

A tool to dump the login password from the current linux user

Redteam operation platform with webui 图形化红队行动辅助平台

An evil RAT (Remote Administration Tool) for macOS / OS X.

venom - C2 shellcode generator/compiler/handler

Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++ like CobaltStrike.

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

C2/post-exploitation framework

Linux/Windows post-exploitation framework made by linux user

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Bash post exploitation toolkit

Load shellcode into a new process

A Python Package for Data Exfiltration

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A framework for Backdoor development!

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Network Pivoting Toolkit

Orc is a post-exploitation framework for Linux written in Bash

[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.

Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)