Pupy
Pupy is an open-source, cross-platform C2 and post-exploitation framework written in Python and C, allowing for remote access and control of compromised systems across various operating systems, including Windows, Linux, OSX, and Android. It provides a range of features, including remote shell access, file management, and process manipulation, making it a powerful tool for penetration testers and red teams. Pupy's modular design and extensible architecture enable users to create custom plugins and modules, expanding its capabilities and versatility. Additionally, Pupy supports multiple communication protocols, including HTTP, HTTPS, and DNS, ensuring secure and reliable communication between the compromised system and the command and control server.
FEATURES
SIMILAR TOOLS
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
An open-source penetration testing framework for social engineering with custom attack vectors.
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
Emulates Docker HTTP API with event logging and AWS deployment script.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.