Empire is regarded as one of the most useful frameworks by many penetration testers. It has many different powershell and python agents...
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security...
Bashark aids pentesters and security researchers during the post-exploitation phase of security audits. Usage To launch Bashark on compromised host, simply source...
A post-exploitation agent powered by Python, IronPython, C#/.NET. Requirements Server requires Python >= 3.7 SILENTTRINITY C# implant requires .NET >= 4.5 How...
SharpSploit is a .NET post-exploitation library written in C# that aims to highlight the attack surface of .NET and make the use...
Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool...
XSStrike is an open source tool that detects Cross Site Scripting vulnerabilities and exploits them. The tool is equipped with a powerful...
CrackMapExec(CME) is a post exploitation tool that can be used for tasks like cracking administrative rights and mapping active directory networks. Active...
Bashark aids Pentesters and Security Researchers during the post-exploitation phase of security audits. Usage To launch Bashark on compromised host, simply source...
Merlin is post-exploitation tool that is easily cross-compiled to run on any platform to achieve command and control of a host. Quick Start...
BSQLinjector is a Blind SQL injection exploitation tool written in ruby. It uses blind method to retrieve data from SQL databases. I...
Sqlmap is an open source tool used to test the SQL injection vulnerabilities within web applications. The tool requires Python 2.6.x and...
Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be...
Commix is a command injection exploitation tool used for testing command injection vulnerabilities in web applications. Command injection, also known as shell...
A pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX. Features Emulate a simple terminal instance Undetected by anti-virus (OpenSSL AES-256 encrypted...
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It...
Hackers can exploit the vulnerability in iTunes’ Wi-Fi Sync feature and spy on iPhone users. We already have told our readers about the...
p0wnedShell is an offensive PowerShell host application written in C# that does not rely on powershell.exe but runs powershell commands and functions...
REXT is a toolkit for easy creation and usage of various python scripts that work with embedded devices. Requirements: requests paramiko beautifulsoup4...
XSStrike is an advanced XSS detection and exploitation suite. It has a powerful fuzzing engine and provides zero false positive result using...
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching....