BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+195.65%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+4113.04%)
ToratToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (+125.54%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (+127.72%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+79.89%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-79.89%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+892.39%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-52.72%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-22.83%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-80.98%)
PowerhubA post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Stars: ✭ 431 (+134.24%)
Venomvenom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+391.3%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+3561.41%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Stars: ✭ 1,934 (+951.09%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (+47.28%)
Teardroid-phprat🇮🇳 🤖 It's easy to use android botnet work without port forwarding, vps and android studio
Stars: ✭ 417 (+126.63%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+119.02%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+439.13%)
KratosknifeKratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc
Stars: ✭ 97 (-47.28%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-27.72%)
PandasniperLinux C2 框架demo,为期2周的”黑客编程马拉松“,从学习编程语言开始到实现一个demo的产物
Stars: ✭ 159 (-13.59%)
EvasorA tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
Stars: ✭ 134 (-27.17%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1123.37%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-7.61%)
SillyratA Cross Platform multifunctional (Windows/Linux/Mac) RAT.
Stars: ✭ 152 (-17.39%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-29.35%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-29.35%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+970.11%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-27.72%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-6.52%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-28.26%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-16.3%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+941.3%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-3.8%)
ZombieantZombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
Stars: ✭ 169 (-8.15%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-29.89%)
N00bratRemote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service
Stars: ✭ 148 (-19.57%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-30.43%)
Mass RatBasic Multiplatform Remote Administration Tool - Xamarin
Stars: ✭ 127 (-30.98%)
StitchPython Remote Administration Tool (RAT)
Stars: ✭ 2,018 (+996.74%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-32.07%)
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+860.33%)
UmbrellaA Phishing Dropper designed to Pentest.
Stars: ✭ 180 (-2.17%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-5.43%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-9.24%)
StuffUnsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
Stars: ✭ 146 (-20.65%)
Nraynray distributed port scanner
Stars: ✭ 125 (-32.07%)
C2hackC2Hack, sharing tips and tricks for pentesters
Stars: ✭ 124 (-32.61%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-21.74%)
TelekillerA Tools Session Hijacking And Stealer Local Passcode Telegram Windows
Stars: ✭ 122 (-33.7%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-9.78%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-33.7%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+833.7%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-34.24%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-23.37%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+959.24%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-35.87%)