134 Open source projects that are alternatives of or similar to Leprechaun

Search for Unix binaries that can be exploited to bypass system security restrictions.

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

An evil RAT (Remote Administration Tool) for macOS / OS X.

Post-Exploitation Framework

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

Linux enumeration tool for pentesting and CTFs with verbosity levels

venom - shellcode generator/compiler/handler (metasploit)

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

My proof-of-concept exploits for the Linux kernel

[unmaintained] Post-exploitation tool

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

A collection of hacking / penetration testing resources to make you better!

ODAT: Oracle Database Attacking Tool

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

(windows) post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass etc..

An open-source post-exploitation framework for students, researchers and developers.

MSDAT: Microsoft SQL Database Attacking Tool

Relational database brute force and post exploitation tool for MySQL and MSSQL

unix SSH post-exploitation 1337 tool

A Python Package for Data Exfiltration

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

C2/post-exploitation framework

Chrome Keylogger Extension | Post Exploitation Tool

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

metasploit-framework 图形界面 / 图形化内网渗透工具

DLL Hijacking Detection Tool

.NET 4.0 Remote Desktop Manager Password Gatherer

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

Privilege Escalation Enumeration Script for Windows

My collection of metasploit auxiliary post-modules

A shell script that automatically performs a series of *NIX enumeration tasks.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Linux post exploitation privilege escalation enumeration

fsociety Hacking Tools Pack – A Penetration Testing Framework

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Linux Privilege Escalation Tool By WazeHell

Collection of things made during my OSCP journey

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Bash post exploitation toolkit

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python library and client for token manipulations and impersonations for privilege escalation on Windows

Linux privilege escalation exploit via snapd (CVE-2019-7304)

备考 OSCP 的各种干货资料/渗透测试干货资料

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM

CVE-2020-0796 Local Privilege Escalation POC

Local Privilege Escalation

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.