231 Open source projects that are alternatives of or similar to Zombieant

Tools for the Computer Incident Response Team 💻

Web browser forensics for Google Chrome/Chromium

Signature base for my scanner tools

A Python Package for Data Exfiltration

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

Invoke-LiveResponse

Automation and Scaling of Digital Forensics Tools

Event Trace Log file parser in pure Python

Extract and aggregate threat intelligence.

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

Post-Exploitation Framework

A framework for Backdoor development!

Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Automagically extract forensic timeline from volatile memory dump

Sifter aims to be a fully loaded Op Centre for Pentesters

Chrome Keylogger Extension | Post Exploitation Tool

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

Your Everyday Threat Intelligence

(windows) post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass etc..

Educational, CTF-styled labs for individuals interested in Memory Forensics

Documentation of TheHive

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

macOS Artifact Parsing Tool

Neutering Sysmon via driver unload

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Malcom - Malware Communications Analyzer

Defanged Indicator of Compromise (IOC) Extractor.

A port of Kaitai to the Hiew hex editor

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

A shell script that automatically performs a series of *NIX enumeration tasks.

A tool for forensic file system reconstruction.

All-in-one bundle of MISP, TheHive and Cortex

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

CIRCL system forensic tools or a jumble of tools to support forensic

InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.

A curated list of awesome forensic analysis tools and resources

Digital Forensics Investigation Platform

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Yara Based Detection Engine for web browsers

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.

venom - shellcode generator/compiler/handler (metasploit)

Recon Hunt Queries

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

log file scrubber

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

Python API Client for TheHive

Collaborative forensic timeline analysis

VirusTotal Wanna Be - Now with 100% more Hipster

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.