Post Exploitation
Browse 31 post exploitation tools
FEATURED
Bundled offensive security suites combining pen testing, red teaming, and VM.
Red team toolkit for EDR evasion, initial access, and post-exploitation.
Post-exploitation threat emulation platform for red team operations.
Post-quantum photonic layer security for data-in-transit protection
Managed continuous threat exposure mgmt platform with expert-driven testing
Threat emulation tool for adversary simulations and red team operations
Penetration testing software for simulating attacks and validating vulnerabilities
GraphSpy is a browser-based post-exploitation tool for Azure Active Directory and Office 365 environments that enables token management, reconnaissance, and interaction with Microsoft 365 services.
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A PHP-based command and control framework that maintains persistent web server access through polymorphic backdoors and HTTP header communication tunneling.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
KeeFarce extracts cleartext password database information from KeePass 2.x processes in memory using DLL injection and .NET runtime manipulation.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
Open source application for retrieving passwords stored on a local computer with support for various software and platforms.
A comprehensive .NET post-exploitation library designed for advanced security testing.
SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
