Search for Unix binaries that can be exploited to bypass system security restrictions.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

A framework for Backdoor development!

Assist reverse tcp shells in post-exploration tasks

C2/post-exploitation framework

Sifter aims to be a fully loaded Op Centre for Pentesters

Load shellcode into a new process

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Orc is a post-exploitation framework for Linux written in Bash

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A tool to dump the login password from the current linux user

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

log file scrubber

linux post-exploitation framework made by linux user

A Python Package for Data Exfiltration

metasploit-framework 图形界面 / 图形化内网渗透工具

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse