WindowsExploits
A collection of precompiled Windows exploits for privilege escalation.
If you're lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you'll probably want an interactive shell. If it's not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding a shell to a TCP port. This page deals with the former. Your options for creating a reverse shell are limited by the scripting languages installed on the target system – though you could probably upload a binary program too if you're suitably well prepared. The examples shown are tailored to Unix-like systems. Some of the examples below should also work on Windows if you use substitute "/bin/sh -i" with "cmd.exe". Each of the methods below is aimed to be a one-liner that you can copy/paste. As such they're quite short lines, but not very readable.
A collection of precompiled Windows exploits for privilege escalation.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
Python Exploit Development Assistance for GDB with enhanced debugging features and commands for exploit development.
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.