231 Open source projects that are alternatives of or similar to Zombieant

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Smart OSINT collection of common IOC types

Python antivirus evasion tool

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

PS / Bash / Python / Other scripts For FUN!

An evil RAT (Remote Administration Tool) for macOS / OS X.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Identifies the bytes that Microsoft Defender flags on.

Python API Client for Cortex

A repository of sysmon configuration modules

Indicator Extractor

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Investigate malicious Windows logon by visualizing and analyzing Windows event log

.NET 4.0 Remote Desktop Manager Password Gatherer

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Loki - Simple IOC and Incident Response Scanner

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

unix SSH post-exploitation 1337 tool

📇 Digital Forensics Artifact Repository (forensicanalysis edition)

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

fsociety Hacking Tools Pack – A Penetration Testing Framework

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Windows Events Attack Samples

Tools for the Computer Incident Response Team 💻

Signature base for my scanner tools

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Invoke-LiveResponse

Event Trace Log file parser in pure Python

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Post-Exploitation Framework

Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.

Automagically extract forensic timeline from volatile memory dump

Chrome Keylogger Extension | Post Exploitation Tool

Your Everyday Threat Intelligence

(windows) post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass etc..

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

Neutering Sysmon via driver unload

Malcom - Malware Communications Analyzer

A port of Kaitai to the Hiew hex editor

A shell script that automatically performs a series of *NIX enumeration tasks.

All-in-one bundle of MISP, TheHive and Cortex

CIRCL system forensic tools or a jumble of tools to support forensic

A curated list of awesome forensic analysis tools and resources

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

venom - shellcode generator/compiler/handler (metasploit)

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

Python API Client for TheHive

Collaborative forensic timeline analysis