The Top 135 Post Exploitation Open Source Projects on Github

Awesome Open Source

Awesome Open Source

Combined Topics

post-exploitation x

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

The Top 135 Post Exploitation Open Source Projects on Github

Categories > Security > Post Exploitation

Fsociety ⭐ 6,857

fsociety Hacking Tools Pack – A Penetration Testing Framework

Hacker Roadmap ⭐ 6,715

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

An open-source post-exploitation framework for students, researchers and developers.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Gtfobins.github.io ⭐ 5,244

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Merlin ⭐ 3,414

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Mimipenguin ⭐ 2,740

A tool to dump the login password from the current linux user

Silenttrinity ⭐ 1,704

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Evilosx ⭐ 1,685

An evil RAT (Remote Administration Tool) for macOS / OS X.

Viper ⭐ 1,429

Open source graphical intranet pentesting tool 开源图形化内网渗透工具

Phpsploit ⭐ 1,395

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Ghost ⭐ 1,256

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Venom ⭐ 1,071

venom - C2 shellcode generator/compiler/handler

Khepri ⭐ 1,049

🔥🔥🔥Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.

Blackmamba ⭐ 688

C2/post-exploitation framework

Bashark ⭐ 637

Bash post exploitation toolkit

Pyexfil ⭐ 563

A Python Package for Data Exfiltration

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Emp3r0r ⭐ 545

linux post-exploitation framework made by linux user

Go Shellcode ⭐ 504

Load shellcode into a new process

Kubesploit ⭐ 501

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

Powerhub ⭐ 462

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Covertutils ⭐ 412

A framework for Backdoor development!

Swap_digger ⭐ 376

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Orc is a post-exploitation framework for Linux written in Bash

Pivotsuite ⭐ 336

Network Pivoting Toolkit

Mssqlproxy ⭐ 329

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

Awesome Cyber Security ⭐ 255

[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Windows Post Exploitation ⭐ 244

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Leprechaun ⭐ 235

This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.

Hrshell ⭐ 207

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Fudgec2 ⭐ 199

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Dns Persist ⭐ 192

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Ligolo Ng ⭐ 191

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

[unmaintained] Post-exploitation tool

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Linux post exploitation privilege escalation enumeration

Msf Auxiliarys ⭐ 177

My collection of metasploit auxiliary post-modules

Offensiveph ⭐ 176

OffensivePH - use old Process Hacker driver to bypass several user-mode access controls

Relational database brute force and post exploitation tool for MySQL and MSSQL

Oscp Pentest Methodologies ⭐ 164

备考 OSCP 的各种干货资料/渗透测试干货资料

Zombieant ⭐ 149

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Atomic Red Team Intelligence C2 ⭐ 120

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Awesome Malware ⭐ 118

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Covermyass ⭐ 115

Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation.

Redpill ⭐ 113

Assist reverse tcp shells in post-exploration tasks

unix SSH post-exploitation 1337 tool

Rpc2socks ⭐ 91

Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.

Hatsploit ⭐ 90

Modular penetration testing platform that enables you to write, test, and execute exploit code.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Alanframework ⭐ 77

A post-exploitation framework

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

Search for Unix binaries that can be exploited to bypass system security restrictions.

Herakeylogger ⭐ 61

Chrome Keylogger Extension | Post Exploitation Tool

Sharploginprompt ⭐ 61

Intersect 2.5 ⭐ 58

Post-Exploitation Framework

Postshell ⭐ 57

PostShell - Post Exploitation Bind/Backconnect Shell

Backtome ⭐ 50

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

Ldap Credentials Collector Backdoor Generator ⭐ 50

This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.

Security Tool Chest ⭐ 44

A list of useful security and obvescation tools useful for red and blue teaming activities. A list made possible by the provided references.

A Visual Studio Code Extension agent for Mythic C2

A tool that allows you to search for vulnerable android devices across the world and exploit them.

A shell script that automatically performs a series of *NIX enumeration tasks.

Post exploitation helper

Direct WinAPI calling

Interactive Post Exploitation Tool

Macos Wpa Psk ⭐ 30

PoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.

A Framework meant for the exploitation of iOS devices.

Deathnote ⭐ 26

🔥 Pentest Cheat Sheet

A cross-platform remote access tool

DNS File EXfiltration

Aix For Penetration Testers ⭐ 22

A basic AIX enumeration guide for penetration testers/red teamers

Bifrost C2. Open-source post-exploitation using Discord API

Sudo_sniff ⭐ 21

Steal user's password when running sudo for post-exploitation purposes

Decryptrdcmanager ⭐ 21

.NET 4.0 Remote Desktop Manager Password Gatherer

Tokenplayer ⭐ 20

Manipulating and Abusing Windows Access Tokens.

C2 and Post Exploitation Code

Zetasploit ⭐ 20

Modular penetration testing platform that enables you to write, test, and execute exploit code.

Neutron Framework is a macOS and Linux post-exploitation framework that using one line command and powerful python payload attempts to spawn a command line session with a lot of features such as downloading files, uploading files, getting system information and etc.

Omega Framework is a PHP post-exploitation framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server using only a simple PHP payload. It is a powerful framework capable to maintain access to a compromised web server for privilege escalation purposes.

A windows post exploitation tool that contains a lot of features for information gathering and more.

Utopia Framework is a Linux post-exploitation framework that exploits Linux SSH vulnerability to provide a shell-like connection. Utopia Framework can be used to easily master Linux SSH exploitation.

Torat_client ⭐ 18

This is the ToRat client, a part of the ToRat Project.

Powerexploit ⭐ 16

Post-Exploitation 😎 module for Penetration Tester and Hackers.

mOrc is a post-exploitation framework for macOS written in Bash

log file scrubber

Post-exploitation NTLM password hash extractor

Static Binary Deployer. Download and deploy *Nix utilities on a compromised system.

Arducky - Arduino Ducky Script Interpreter

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Credit Card Bruteforcer ⭐ 12

Hacks credit card PAN numbers by using partial Hashes, and a list of random PAN [pins]

A modular pentesting framework implemented in C

Post Exploitation ⭐ 11

\ PowerAvails Powershell /

A simple, lightweight Remote Access Tool written in Python

Mythic Crate ⭐ 10

⚔️ 📦 An Ubuntu 18.04 box for Mythic C2 framework development

1-100 of 135 projects

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.

All non readme contents or Github based topics or project metadata copyright Awesome Open Source 2018-2021