#Post-exploitation

Showing 60 of 75 repositories tagged #post-exploitation, ranked by stars

sundowndev
sundowndev
hacker-roadmap

A collection of hacking tools, resources and references to practice ethical hacking.

Score
98
★ 15.5k ⑂ 1.7k +23/day
Manisso
Manisso
fsociety

fsociety Hacking Tools Pack – A Penetration Testing Framework

Score
92
★ 12.2k ⑂ 2.1k +17/day
Python
malwaredllc
malwaredllc
byob

An open-source post-exploitation framework for students, researchers and developers.

Score
100
★ 9.5k ⑂ 2.2k
Python
n1nj4sec
n1nj4sec
pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Score
83
★ 9.0k ⑂ 1.9k
Python
Ne0nd0g
Ne0nd0g
merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Score
50
★ 5.6k ⑂ 838
Go
FunnyWolf
FunnyWolf
Viper

Adversary simulation and Red teaming platform with AI

Score
0
★ 5.1k ⑂ 668 +5/day
nicocha30
nicocha30
ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Score
100
★ 4.7k ⑂ 445 +12/day
Go
EntySec
EntySec
Ghost

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Score
100
★ 3.4k ⑂ 1.1k +3/day
Python
nil0x42
nil0x42
phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Score
88
★ 2.5k ⑂ 470 +2/day
Python
Marten4n6
Marten4n6
EvilOSX

An evil RAT (Remote Administration Tool) for macOS / OS X.

Score
50
★ 2.4k ⑂ 486 +2/day
Python
byt3bl33d3r
byt3bl33d3r
SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Score
42
★ 2.3k ⑂ 427
Boo
MegaManSec
MegaManSec
SSH-Snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Score
100
★ 2.3k ⑂ 221
Shell
loseys
loseys
BlackMamba

C2/post-exploitation framework

Score
25
★ 1.2k ⑂ 178
Python
AdrianVollmer
AdrianVollmer
PowerHub

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Score
67
★ 826 ⑂ 126
PowerShell
ytisf
ytisf
PyExfil

PyExfil — Python 3 toolkit for researching and stress-testing data exfiltration techniques across network, physical, and steganographic channels. For red team simulation and DLP detection testing.

Score
75
★ 809 ⑂ 145
Python
brimstone
brimstone
go-shellcode

Load shellcode into a new process

Score
0
★ 763 ⑂ 120
Go
jxroot
jxroot
adbwebkit

ADB For Hackers (:

Score
50
★ 747 ⑂ 123 +4/day
JavaScript
EntySec
EntySec
SeaShell

SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information.

Score
0
★ 712 ⑂ 98 +2/day
Python
b23r0
b23r0
Heroinn

A cross platform C2/post-exploitation framework.

Score
0
★ 711 ⑂ 222
Rust
Marven11
Marven11
EtherGhost

新一代Webshell管理器,兼容蚁剑与冰蝎的PHP webshell

Score
94
★ 684 ⑂ 52
Python
Frissi0n
Frissi0n
GTFONow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

Score
96
★ 636 ⑂ 74
Python
mazen160
mazen160
shennina

Automating Host Exploitation with AI

Score
0
★ 555 ⑂ 103
Python
emilyanncr
emilyanncr
Windows-Post-Exploitation

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Score
84
★ 546 ⑂ 118
sevagas
sevagas
swap_digger

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Score
76
★ 537 ⑂ 88
Shell
ttpreport
ttpreport
ligolo-mp

Multiplayer pivoting solution

Score
92
★ 524 ⑂ 55
Go
lepotekil
lepotekil
MsfMania

Python AV Evasion Tools

Score
33
★ 514 ⑂ 76
Python
enkomio
enkomio
AlanFramework

A C2 post-exploitation framework

Score
70
★ 488 ⑂ 73 +1/day
Assembly
RedTeamOperations
RedTeamOperations
PivotSuite

Network Pivoting Toolkit

Score
72
★ 460 ⑂ 92
Python
UndeadSec
UndeadSec
HeraKeylogger

Chrome Keylogger Extension | Post Exploitation Tool

Score
17
★ 448 ⑂ 113
Python
sundowndev
sundowndev
covermyass

Post-exploitation tool to cover your tracks on a compromised machine (beta)

Score
62
★ 431 ⑂ 63
Go
0x1CA3
0x1CA3
AdbNet

A tool that allows you to search for vulnerable android devices across the world and exploit them.

Score
68
★ 429 ⑂ 75
Python
ARCANGEL0
ARCANGEL0
EVA

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Score
58
★ 425 ⑂ 80 +7/day
Python
not-sekiun
not-sekiun
PyIris

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

Score
8
★ 326 ⑂ 65
Python
The-Z-Labs
The-Z-Labs
bof-launcher

[ BOF-LAUNCHER ] -> an API for loading, executing and in-memory masking BOFs on Windows and Linux for use in C/Zig/Go/Rust agents/implants. [ Z-BEAC0N ] -> a custom-written stage-1 (aka pre-C2) solution engineered with a small footprint, stealth and modularity in mind. [ DEVELOPED BOFS ] -> cross-platform (12), Linux-only (10), Win-only (2)

Score
90
★ 324 ⑂ 28 +1/day
Zig
Geeoon
Geeoon
DNS-Tunnel-Keylogger

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.

Score
54
★ 277 ⑂ 45
Python
fabacab
fabacab
awesome-malware

:computer::warning: A curated collection of awesome malware, botnets, and other post-exploitation tools.

Score
52
★ 272 ⑂ 36
panagiks
panagiks
RSPET

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Score
60
★ 263 ⑂ 81
Python
luke-goddard
luke-goddard
enumy

Linux post exploitation privilege escalation enumeration

Score
100
★ 257 ⑂ 30
C
Ziconius
Ziconius
FudgeC2

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Score
0
★ 254 ⑂ 51
Python
chrispetrou
chrispetrou
HRShell

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Score
58
★ 249 ⑂ 69
Python
cypherpunk-symposium
cypherpunk-symposium
security-pentesting-toolkit

👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.

Score
86
★ 240 ⑂ 25
C
brows3r
brows3r
iPwn

A Framework meant for the exploitation of iOS devices.

Score
48
★ 234 ⑂ 36
Python
FazalMahmood
FazalMahmood
ghost

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Score
44
★ 154 ⑂ 36 +3/day
Python
bitgodhack
bitgodhack
AndroidHack_BackDoor

Android-BackDoor is a python and shell script that simplifies the process of adding a backdoor to any Android APK file. It also exploits the Android Debug Bridge to remotely access an Android device.

Score
82
★ 142 ⑂ 32 +1/day
Smali
r3vn
r3vn
punk.py

unix SSH post-exploitation 1337 tool

Score
40
★ 142 ⑂ 29
Python
Straw-Hat-Hacks
Straw-Hat-Hacks
periodic-table-offensive-security

A visual reference of 118 essential red team tools, frameworks & standards, organized like a periodic table. Includes a printable PDF version.

Score
66
★ 136 ⑂ 21
HTML
bitgodhack
bitgodhack
exploit

This is An Offensive Hacking Tool which can be used by hackers and for penetration testing purposes. Hack Responsibly!!!!!!!

Score
78
★ 131 ⑂ 16 +2/day
Python
chainski
chainski
ForceAdmin

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

Score
80
★ 119 ⑂ 19
AutoIt
landoncrabtree
landoncrabtree
awesome-cyber

A curated list of tools useful within the field of cyber security, for both blue and red team operations.

Score
38
★ 106 ⑂ 9
rek7
rek7
postshell

PostShell - Post Exploitation Bind/Backconnect Shell

Score
36
★ 81 ⑂ 19
C
jxroot
jxroot
ReHTTP

Simple Powershell Http shell With WEB UI

Score
32
★ 76 ⑂ 8
PHP
MythicAgents
MythicAgents
venus

A Visual Studio Code Extension agent for Mythic C2

Score
0
★ 74 ⑂ 11
Python
malwarekid
malwarekid
OnlyShell

A powerful Go-based multi-shell handler for managing multiple reverse shell connections simultaneously with features like shell type detection, background management, command broadcasting, and real-time interaction.

Score
64
★ 67 ⑂ 12
Go
t1b4n3
t1b4n3
TibaneC2

A lightweight Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).

Score
56
★ 67 ⑂ 9
C
brows3r
brows3r
Crowbar

A windows post exploitation tool that contains a lot of features for information gathering and more.

Score
28
★ 47 ⑂ 9
Python
shawnduong
shawnduong
PXEnum

A shell script that automatically performs a series of *NIX enumeration tasks.

Score
24
★ 43 ⑂ 9
Shell
h4rithd
h4rithd
PrecompiledBinaries

Curated precompiled Windows and Linux binaries for authorized pentesting, red teaming, Active Directory testing, privilege escalation labs, and post-exploitation research.

Score
74
★ 41 ⑂ 15 +2/day
PowerShell
techchipnet
techchipnet
Clipboard-Hijacker

The Clipboard Hijacker Payload aims to monitor, capture, and potentially manipulate clipboard data on a target machine.

Score
26
★ 36 ⑂ 14
PowerShell
brat-volk
brat-volk
MagikIndex

Advanced Keylogger / Info Grabber written in C++.

Score
18
★ 34 ⑂ 4
C++
ShubhamJagtap2000
ShubhamJagtap2000
Metasploit-Tutorial

👽 Metasploit is the most widely used open-source exploitation framework. Learn how to use it and unlock its full potential.

Score
22
★ 33 ⑂ 9
Related Topics
#hacking#pentesting#security#c2#redteam#cybersecurity#penetration-testing#python#offensive-security#security-tools#red-team#hacking-tool

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly