987 Open source projects that are alternatives of or similar to Phpsploit

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Network Pivoting Toolkit

Simple DLL that add a user to the local Administrators group

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Search for Unix binaries that can be exploited to bypass system security restrictions.

Python AV Evasion Tools

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

WebShell Backdoor Framework

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

IndoXploit Webshell V.3

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

./kumasia php simple backdoor

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Assist reverse tcp shells in post-exploration tasks

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

🎯 PHP / ASP - Shell Backdoor List 🎯

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

ParadoxiaRat : Native Windows Remote access Tool.

Apache Tomcat auto WAR deployment & pwning penetration testing tool.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A curated list of awesome privilege escalation

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

LD_PRELOAD rootkit

Awesome cloud enumerator

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

OSINT

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

metasploit-framework 图形界面 / 图形化内网渗透工具

👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Load shellcode into a new process

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Advanced Web Shell

Webshell && Backdoor Collection

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

记录自己编写、修改的部分工具

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Enumerate information from NTLM authentication enabled web endpoints 🔎

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

linux post-exploitation framework made by linux user