Top 80 post-exploitation open source projects

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.

Linux post exploitation privilege escalation enumeration

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

[unmaintained] Post-exploitation tool

My collection of metasploit auxiliary post-modules

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Chrome Keylogger Extension | Post Exploitation Tool

An evil RAT (Remote Administration Tool) for macOS / OS X.

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

(windows) post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass etc..

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

unix SSH post-exploitation 1337 tool

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Post-Exploitation Framework

.NET 4.0 Remote Desktop Manager Password Gatherer

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

A shell script that automatically performs a series of *NIX enumeration tasks.

venom - shellcode generator/compiler/handler (metasploit)

fsociety Hacking Tools Pack – A Penetration Testing Framework

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

An open-source post-exploitation framework for students, researchers and developers.

Bash post exploitation toolkit

A Python Package for Data Exfiltration

C2/post-exploitation framework

metasploit-framework 图形界面 / 图形化内网渗透工具

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Load shellcode into a new process

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A framework for Backdoor development!

linux post-exploitation framework made by linux user

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Sifter aims to be a fully loaded Op Centre for Pentesters

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Orc is a post-exploitation framework for Linux written in Bash

Network Pivoting Toolkit

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

A tool to dump the login password from the current linux user

Search for Unix binaries that can be exploited to bypass system security restrictions.

log file scrubber

Assist reverse tcp shells in post-exploration tasks

mOrc is a post-exploitation framework for macOS written in Bash

DNS File EXfiltration

A tool that allows you to search for vulnerable android devices across the world and exploit them.