BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+1370.27%)
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Stars: ✭ 22 (-40.54%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+2970.27%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (+832.43%)
AlanFrameworkA C2 post-exploitation framework
Stars: ✭ 405 (+994.59%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+1362.16%)
meteorA cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
Stars: ✭ 31 (-16.22%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+227.03%)
MerlinMerlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Stars: ✭ 3,522 (+9418.92%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (+189.19%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1994.59%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+1029.73%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+794.59%)
venusA Visual Studio Code Extension agent for Mythic C2
Stars: ✭ 47 (+27.03%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (+5.41%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+2800%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (+56.76%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+5167.57%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+3078.38%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+4543.24%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (+256.76%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+789.19%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+989.19%)
Atomic Red Team Intelligence C2ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (+135.14%)
Sec ToolsDocker images for infosec tools
Stars: ✭ 135 (+264.86%)
PowerhubA post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Stars: ✭ 431 (+1064.86%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+9940.54%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+2348.65%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (+213.51%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (+191.89%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (+251.35%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+2343.24%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (+359.46%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+5221.62%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+20851.35%)
DiscordGoDiscord C2 for Redteam....Need a better name
Stars: ✭ 55 (+48.65%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+2072.97%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+2.7%)
MacOS-WPA-PSKPoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
Stars: ✭ 29 (-21.62%)
ByobAn open-source post-exploitation framework for students, researchers and developers.
Stars: ✭ 6,949 (+18681.08%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+421.62%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+675.68%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (+416.22%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+278.38%)
Poet[unmaintained] Post-exploitation tool
Stars: ✭ 184 (+397.3%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+405.41%)
ToRat clientThis is the ToRat client, a part of the ToRat Project.
Stars: ✭ 29 (-21.62%)
atermIt records your terminal, then lets you upload to ASHIRT
Stars: ✭ 17 (-54.05%)
disctopia-c2Windows Remote Administration Tool that uses Discord as C2
Stars: ✭ 216 (+483.78%)
palinka c2Just another useless C2 occupying space in some HDD somewhere.
Stars: ✭ 14 (-62.16%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+224.32%)
chkdfrontCheck Domain Fronting (chkdfront) - It checks if your domain fronting is working
Stars: ✭ 42 (+13.51%)
AutoWinAutowin is a framework that helps organizations simulate custom attack scenarios in order to improve detection and response capabilities.
Stars: ✭ 18 (-51.35%)
XENAXENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ulti…
Stars: ✭ 127 (+243.24%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+1997.3%)