Metasploit Payloads Logo

Metasploit Payloads

0
Free
Visit Website

A unified repository for different Metasploit Framework payloads. This is a unified repository for different Metasploit Framework payloads, which merges these repositories: * C Windows Meterpreter * Java and Android Meterpreter * Payloads An alternate cross-platform C Meterpreter, called Mettle, is developed at https://github.com/rapid7/mettle See the individual directories for meterpreter-specific README, build instructions and license details: * C Windows/Linux Meterpreters * Java/Android Meterpreters * Payloads For Python and PHP Meterpreter, you can test changes to these files by symlinking the associated files to ~/.msf4/payloads/meterpreter. As an example, here is how this might look like for a Python Meterpreter: ``` mkdir ~/.msf4/payloads # If this doesn't exist already cd ~/git/metasploit-payloads ln -s /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py file ~/.msf4/payloads/meterpreter/ext_server_stdapi.py /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py: symbolic link to /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py If things went right, you should now be able to run the meterpreter payload. ```

FEATURES

ALTERNATIVES

A Go client to communicate with Chaos DB API

An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.

Tool for exploiting Sixnet RTUs to gain root level access with little effort.

A suite of tools for Wi-Fi network security assessment and penetration testing.

Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.

A tool for performing hash length extension attacks against multiple hashing algorithms.

Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.

A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.

PINNED