Awesome Open Source
Awesome Open Source
Combined Topics
post-exploitation
x
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
The Top 129 Post Exploitation Open Source Projects on Github
Categories
>
Security
>
Post Exploitation
Hacker Roadmap
⭐
7,910
📌 Penetration testing for beginners. A guide for amateur pentesters and a collection of hacking tools, resources and references to practice ethical hacking.
Fsociety
⭐
7,115
fsociety Hacking Tools Pack – A Penetration Testing Framework
Byob
⭐
6,958
An open-source post-exploitation framework for students, researchers and developers.
Pupy
⭐
6,659
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Gtfobins.github.io
⭐
6,153
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Merlin
⭐
3,564
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Mimipenguin
⭐
2,740
A tool to dump the login password from the current linux user
Viper
⭐
1,959
Intranet pentesting tool with webui 开源图形化内网渗透工具 支持主动式&被动式Log4j漏洞扫描
Silenttrinity
⭐
1,727
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Evilosx
⭐
1,685
An evil RAT (Remote Administration Tool) for macOS / OS X.
Phpsploit
⭐
1,532
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Ghost
⭐
1,434
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Khepri
⭐
1,172
Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
Venom
⭐
1,166
venom - C2 shellcode generator/compiler/handler
Blackmamba
⭐
688
C2/post-exploitation framework
Bashark
⭐
649
Bash post exploitation toolkit
Emp3r0r
⭐
639
Linux/Windows post-exploitation framework made by linux user
Torat
⭐
582
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Pyexfil
⭐
563
A Python Package for Data Exfiltration
Go Shellcode
⭐
504
Load shellcode into a new process
Kubesploit
⭐
501
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Vegile
⭐
493
This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
Powerhub
⭐
462
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Covertutils
⭐
412
A framework for Backdoor development!
Swap_digger
⭐
376
swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Orc
⭐
357
Orc is a post-exploitation framework for Linux written in Bash
Pivotsuite
⭐
336
Network Pivoting Toolkit
Mssqlproxy
⭐
329
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
Windows Post Exploitation
⭐
324
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
Offensiveautoit
⭐
255
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
Awesome Cyber Security
⭐
255
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
Rspet
⭐
251
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Leprechaun
⭐
236
This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.
Offensiveph
⭐
228
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
Ligolo Ng
⭐
228
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Hrshell
⭐
207
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Fudgec2
⭐
199
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Dns Persist
⭐
192
DNS-Persist is a post-exploitation agent which uses DNS for command and control.
Poet
⭐
187
[unmaintained] Post-exploitation tool
Enumy
⭐
181
Linux post exploitation privilege escalation enumeration
Msf Auxiliarys
⭐
177
My collection of metasploit auxiliary post-modules
Enumdb
⭐
167
Relational database brute force and post exploitation tool for MySQL and MSSQL
Zombieant
⭐
149
Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
Bella
⭐
123
Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Hatsploit
⭐
121
Modular penetration testing platform that enables you to write, test, and execute exploit code.
Redpill
⭐
121
Assist reverse tcp shells in post-exploration tasks
Atomic Red Team Intelligence C2
⭐
120
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Awesome Malware
⭐
118
💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.
Alanframework
⭐
116
A post-exploitation framework
Covermyass
⭐
115
Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation.
Punk.py
⭐
94
unix SSH post-exploitation 1337 tool
Rpc2socks
⭐
91
Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.
Gtfonow
⭐
78
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Gtfo
⭐
76
Search for Unix binaries that can be exploited to bypass system security restrictions.
Evasor
⭐
76
A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
Sharploginprompt
⭐
61
Herakeylogger
⭐
61
Chrome Keylogger Extension | Post Exploitation Tool
Intersect 2.5
⭐
58
Post-Exploitation Framework
Adbwebkit
⭐
58
Access ADB On Browsers (:
Xena
⭐
57
XENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ultimate Botnet kit.
Postshell
⭐
57
PostShell - Post Exploitation Bind/Backconnect Shell
Backtome
⭐
50
Little tool made in python to create payloads for Linux, Windows and OSX with unique handler
Ldap Credentials Collector Backdoor Generator
⭐
50
This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
Peh
⭐
34
Post exploitation helper
Venus
⭐
33
A Visual Studio Code Extension agent for Mythic C2
Pxenum
⭐
32
A shell script that automatically performs a series of *NIX enumeration tasks.
Adbnet
⭐
32
A tool that allows you to search for vulnerable android devices across the world and exploit them.
Coilgun
⭐
31
Direct WinAPI calling
Linpwn
⭐
30
Interactive Post Exploitation Tool
Macos Wpa Psk
⭐
30
PoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
C2pe
⭐
28
C2 and Post Exploitation Code
Ipwn
⭐
28
A Framework meant for the exploitation of iOS devices.
Deathnote
⭐
26
🔥 Pentest Cheat Sheet
Powerexploit
⭐
23
Post-Exploitation 😎 module for Penetration Tester and Hackers.
Dfex
⭐
23
DNS File EXfiltration
Aix For Penetration Testers
⭐
22
A basic AIX enumeration guide for penetration testers/red teamers
Decryptrdcmanager
⭐
21
.NET 4.0 Remote Desktop Manager Password Gatherer
Sudo_sniff
⭐
21
Steal user's password when running sudo for post-exploitation purposes
Bifrost
⭐
21
Bifrost C2. Open-source post-exploitation using Discord API
Tokenplayer
⭐
20
Manipulating and Abusing Windows Access Tokens.
Crowbar
⭐
19
A windows post exploitation tool that contains a lot of features for information gathering and more.
Torat_client
⭐
18
This is the ToRat client, a part of the ToRat Project.
Morc
⭐
15
mOrc is a post-exploitation framework for macOS written in Bash
Soapy
⭐
14
log file scrubber
Credit Card Bruteforcer
⭐
12
Hacks credit card PAN numbers by using partial Hashes, and a list of random PAN [pins]
Sbd
⭐
12
Static Binary Deployer. Download and deploy *Nix utilities on a compromised system.
Ntlmx
⭐
12
Post-exploitation NTLM password hash extractor
Arducky
⭐
12
Arducky - Arduino Ducky Script Interpreter
Burn
⭐
12
[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Post Exploitation
⭐
11
\ PowerAvails Powershell /
Apollo
⭐
11
A simple, lightweight Remote Access Tool written in Python
Ppf
⭐
11
A modular pentesting framework implemented in C
C2_server
⭐
11
C2 server to connect to a victim machine via reverse shell
Mythic Crate
⭐
10
⚔️ 📦 An Ubuntu 18.04 box for Mythic C2 framework development
Ed
⭐
10
Ed is a tool used to identify and exploit accessible UNIX Domain Sockets
6 Eyed Spider
⭐
9
Post-exploitation tool collects data going out and coming into the browser and make use of it.
Efes
⭐
9
Proof of concept demo for a tool that listens for keywords, and records audio to a file.
Urchin
⭐
7
🐚💥 Python socket remote shell that lets you connect to others computers through the shell when they run the client.
Cobalt Strike Aggressor Script Collection
⭐
7
Cobalt Strike automation scripts collection
Zero To Hero Hacking
⭐
6
A comprehensive, live guide to computer hacking. This is a continuous WIP and is largely incomplete as of now.
1-100 of 129 projects
Next >
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
Privacy policy
"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.
