Undetectable Windows Payload Generation
persistence kali payloads bypass antivirus uac meter msfconsole metasploit powershell netsec undetectableReceiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available. The new version of AutoSploit has a feature that allows you to set a proxy before you connect and a custom user-agent.
metasploit exploit exploitation offsec automation security-tools securityEggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.
ios pentest-tool pentest-scripts information-security metasploit exploitation remote-admin-tool meterpreter reverse-shell jailbreakFindsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit (ie. ./copysploit 1337.c && ./compilesploit 1337.c). This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
exploits metasploit nmap pentest hackers exploitdb find searchSn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.
pentest pentesting hacking scanner automated kali-linux recon sn1per dns metasploit vulnerabilities scans sn1per-professional nuke shellshock subnetbackdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
android android-sdk apk android-development smali apktool metasploitA quick way to generate various "basic" Meterpreter payloads via msfvenom (part of the Metasploit framework). MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.
msfvenom msfvenom-payload mpc msfpc payload payload-generator payload-generation metasploit-framework metasploit kali kali-linuxMorpheus - Automated Ettercap TCP/IP Hijacking Tool
metasploit ettercap tcp-udp-manipulation on-the-fly mitm-attacksOne-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit. The payloads database is not big now because this the first edition but it will get bigger with updates and contributions.
hacking hacking-tool web-delivery metasploit one-liners one-liner pentest-tool pentesting-windows penetration-testing web-based-attacks web-attacks kali-linux windows-hacking multiplatformvenom (metasploit) shellcode generator/compiler/listener
metasploit msfvenom shellcode compiler handler post-exploitationSo here what I did is automating the original attack and adding two other tricks to fool the user, using HTML and CSS Will talk about it then added meterpreter sessions as I said before. Using javascript to hook the copy event and replace copied data.
msfvenom hacking-tool windows-hacking social-engineering-attacks metasploit liner web-hacking metasploit-web-delivery pastejackingThis repository contains fully-fleshed out code examples from the book Gray Hat C#. In this book, a wide variety of security oriented tools and libraries will be written using the C# programming language, allowing for cross-platform automation of the most crucial aspects of a security engineer's roles in a modern organization. Many of the topics will also be highly useful for hobbyists and security enthusiasts who are looking to gain more experience with common security concepts and tools with real world examples for both offensive and defensive purposes. We cover a broad slice of concepts a modern security engineer must be familiar with, starting with a brief introduction to the C# language. After the introduction, we focus on fuzzing web application vulnerabilities and writing exploits for them. This is followed by C# payloads for pentesters to use for remote command execution and persistence. Then, we move onto security tool automation using true APIs, not just calling programs from the system shell. Finally, we focus on reverse engineering and forensics in the final chapters.
sql-injection fuzzer metasploit payload c-sharp automation mono xamarin security nessus openvas nexpose sqlmap arachni clamav cuckoo-sandbox pentesting blueteam redteamNode lib for interacting with metasploit. MIT. Copy included.
metasploit msf pentest hack exploitThis will start msfconsole with a postgresql server, ready to rock. The postgresql server has already been preloaded with the module cache, so lookups should be fast.
docker kali metasploit zaproxy armitage pentesting securityDocker images for infosec tools
docker-image docker metasploit arachni fierce nikto nmap wireshark wpscan nessus pentest pentest-toolBoth Nmap and Metasploit are constantly adding new scanning capabilities. In addition, developers routinely create custom NSE scripts as well. Searchscan can help you find the script you need to scan what you want. Searchscan will search the local machine for installed Nmap NSE and MSF Auxiliary scripts. In addition, it will search GitHub for Nmap NSE scripts. Building Searchscan is easy and follows a similar pattern to most Golang scripts.
nmap metasploit network-scanningGive fido.py a x86 (32 bit or 64 bit) windows shellcode and it will strip off Stephen Fewer's hash API stub and replace it with something that bypasses EMET Caller and EAF+ checks but keeps the actual API calls in use. Can take input from cmdline (via -s).
shellcode emet metasploit msfvenom iat-parsing4º - reload metasploit database ..
msf-auxiliarys metasploit post-exploitationresource file (metasploit) services exploiter :: (scan/brute-force WAN/LAN protocols)
metasploit resource-files wlan-lan nmap-scripts brute-forceA C/C++ implementation of Microsoft's Antimalware Scan Interface. And then you will have a amsiscanner.exe.
amsi cpp malware amsiscanbuffer amsiinitialize defender amsiscanstring amsiresultismalware rapid7 metasploit
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.