Kubesploit – A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl (@Ne0nd0g). Our Motivation While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities inRead More

StandIn – A Small .NET35/45 AD Post-Exploitation Toolkit

[*] StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution to perform resource based constrained delegation. However, StandIn quickly ballooned to include a number of comfort features. I want to continue developing StandIn to teach myself more about Directory Services programming and to hopefullyRead More

Emp3R0R – Linux Post-Exploitation Framework Made By Linux User

linux post-exploitation framework made by linux user Still under active development 中文介绍 check my blog for updates how to use what to expect (in future releases) packer: cryptor + memfd_create packer: use shm_open in older Linux kernels dropper: shellcode injector – python injector: inject shellcode into another process, using GDB port mapping: forward from CCRead More

Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device

About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device. Ghost Frameworkgives you the power and convenience of remote Android device administration. Getting started Ghost installation To install Ghost Framework you shouldexecute the following commands. cd ghost chmod +x install.sh ./install.sh Ghost uninstallation ToRead More

DeimosC2 – A Golang Command And Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front end written in Vue.js.Listener Features Each listener hasRead More

PowerSploit – A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts:CodeExecutionExecute code on a target machine. Invoke-DllInjectionInjects a Dll into the process ID of your choosing. Invoke-ReflectivePEInjectionReflectively loads a Windows PE file (DLL/EXE) in toRead More

ProjectOpal – Stealth Post-Exploitation Framework For WordPress

Stealth post-exploitation framework for WordPress CMSOfficial ProjectOpal Repository. What is it and why was it made?We intentionally made it for our penetration testing jobs however its getting grey hairs now so we thought we would like to pass it on to the public!. ProjectOpal or Opal. Is a stealth post exploit framework for wordpress sitesRead More