SILENTTRINITY
SILENTTRINITY is a modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework powered by Python 3 and .NETs DLR. It's the culmination of an extensive amount of research into using embedded third-party .NET scripting languages to dynamically call .NET API's, a technique the author coined as BYOI (Bring Your Own Interpreter). The aim of this tool and the BYOI concept is to shift the paradigm back to PowerShell style like attacks (as it offers much more flexibility over traditional C# tradecraft) only without using PowerShell in anyway. Some of the main features that distinguish SILENTTRINITY are: Multi-User & Multi-Server - Supports multi-user collaboration. Additionally, the client can connect to and control multiple Teamservers. Client and Teamserver Built in Python 3.7 - Latest and greatest features of the Python language are used, heavy use of Asyncio provides ludicrous speeds. Real-time Updates and Communication - Use of Websockets allow for real-time communication and updates between the Client and Teamserver. Focus on Usability with an Extremely Modern CLI - Powered by prompt-toolkit. Dynamic Evaluation/Compilation Using .NET Scripting Languages
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A red team planning framework document that guides exercise preparation with emphasis on blue team value, stakeholder engagement, and avoiding negative motivational approaches.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.