Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time. For more information on SemVer, please visit https://semver.org/.
rat reverse-shell macosx mac backdoor osx post-exploitation pentesting

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. To facilitate ease of use, a TLS X.509 private and public certificate is distributed with Merlin. This allows a user to start using Merlin right away. However, this key is widely distributed and is considered public knowledge. You should generate your own certificates and replace the default certificates that ship with Merlin. The default location for the certificates is the data/x509 directory. The openssl command can be used from a Linux system to generate a key pair.
http2 command-and-control c2 post-exploitation agent

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
backdoor persistence hacking blackhat post-exploitation stealth privilege-escalation webshell php-backdoor web-hacking c2 hacktool command-and-control hacking-framework redteam php-webshell php-webshell-backdoor advanced-persistent-threat

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.
post-exploitation unix bypass gtfobins binaries reverse-shell bind-shell exfiltration redteam blueteam

linux post-exploitation framework made by linux user
rootkit malware rat post-exploitation stealth hacking-tool redteaming redteam trojan-malware emp3r0r

venom (metasploit) shellcode generator/compiler/listener
metasploit msfvenom shellcode compiler handler post-exploitation

The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is easy to use, quick and fully automated, and it generates a report including descriptions, screenshots and mitigation suggestions, suited to both blue and red teams assessing a post-exploitation phase. Download the Evasor project and compile it. Be sure to exclude the App.config file from the project's reference tree.
post-exploitation penetration-testing-tools bypass-applocker-policies full-automated

This project is no longer maintained and has not been updated since 2012-2013. There were plans for a future release, but life happened. That may still happen. The code does exist. I just need to find some time to finish parts, perform testing, etc. Please refer to the Docs directory for a detailed README, Guide documentation and a How-To on writing custom modules.
penetration-testing post-exploitation python-framework

The use of the HeraKeylogger is COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program. "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." Taken from LICENSE.
keylogger chrome python3 post-exploitation

4º - reload metasploit database ..
msf-auxiliarys metasploit post-exploitation

A simple POst-Exploitation Tool. This is just a small sample of what Poet can do.
rat post-exploitation pentest beacon security

This is a program to run shellcode as its own process, all from memory. This was written to defeat anti-virus detection. Keep in mind that only 64bit shellcode will run in a 64bit process. This can't autodetect your shellcode architecture.
shellcode redteam post-exploitation

This repository is a guide for amateur pen testers and a summary of hacking tools, resources and references to practice ethical hacking, pen testing and web security. Most of these tools are UNIX compatible and MIT licensed. Note that Linux is the best operating system to practice ethical hacking. Penetration testing is a type of security testing that is used to test the insecurity of an application. It is conducted to find the security risk which might be present in the system.
hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation vulnerabilities information-gathering

DNS-Persist is a post-exploitation agent which uses DNS for command and control. The server-side code is in Python and the agent is coded in C++. This is the first version, more features and improvements will be made in the future. DO NOT USE THIS SOFTWARE FOR ILLEGAL PURPOSES.
pentesting post-exploitation redteam

Because monolithic offensive tools are never enough and building your own offensive strategies and tools is fun. THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
evasion redteaming post-exploitation dfir

Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation. You can now use the tool using the executable.
bash cli history hacking ctf post-exploitation command-line-tool bash-script pentest tracks ctf-challenges

This repo is a part of the warmind project; for a clone of the code see here, or you can get the code from here. For a version you can download with curl/wget see here. What soa.py does is create a sort of container that will host a root terminal shell while the log files are being monitored (default logs: /var/log). After you have completed your session, the log files are scrubbed back to the second soa.py was launched.
post-exploitation hiding log-files log-file-scrubbing