4 Repos
Specialized extensions used during the post-exploitation phase to perform tasks like memory injection and credential dumping.
Distinct from Host Execution Plugins: Existing candidates focus on general software plugins or sandboxed execution, whereas these are specifically for offensive post-exploitation tasks.
Explore 4 awesome GitHub repositories matching security & cryptography · Post-Exploitation Plugins. Refine with filters or upvote what's useful.
Dieses Projekt ist eine kuratierte Sammlung von Tools, Skripten und technischen Leitfäden, die entwickelt wurden, um offensive Sicherheitsoperationen mit Cobalt Strike zu verbessern. Es dient als Ressourcen-Hub für die Verwaltung von Command-and-Control-Infrastrukturen und die Bereitstellung von Sicherheitseinsätzen. Die Sammlung enthält Toolkits zur Umgehung von Endpoint-Detection-and-Response-Systemen sowie Bibliotheken zur Automatisierung von Red-Team-Aufgaben wie Aufklärung und Host-Enumeration. Sie bietet Ressourcen für die Entwicklung von Post-Exploitation-Frameworks, wobei der Fokus speziell auf der Erstellung reflektierender Bibliotheken und speicherresidentem Code liegt. Das Repository deckt ein breites Spektrum an operativen Fähigkeiten ab, einschließlich der Anpassung von Netzwerkverkehr zur Vermeidung von Erkennung, Speicherforensik für die Infrastrukturanalyse und verschiedener Techniken zur Shellcode-Obfuskation. Es enthält zudem Anleitungen für die Konfiguration von Command-and-Control-Servern und die Durchführung von Host-Prozess-Injektionen.
Provides resources for developing specialized extensions used for memory injection and credential dumping during post-exploitation.
Godzilla is a post-exploitation toolkit and webshell management framework designed for remote administration, credential extraction, and memory shell injection. It provides a centralized platform to deploy, control, and monitor encrypted remote access scripts across multiple server environments. The project differentiates itself through a memory shell injector that loads binaries and shellcode directly into server memory to avoid disk-based detection. It also employs polyglot payload injection, deploying encrypted scripts across various language environments to maintain persistent connections
Executes modular post-exploitation plugins for credential theft, privilege escalation, and memory injection.
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
Provides specialized plugins for the post-exploitation phase to create persistence backdoors and install keyloggers.
BloodHound is an identity risk management platform and graph-based attack path analyzer used to map identity relationships and permissions in Active Directory. It functions as a security tool for auditing directory services, uncovering unintended privilege relationships, and visualizing sequences of permissions that can lead to domain compromise. The project differentiates itself as a comprehensive adversary emulation framework that coordinates remote agents and executes post-exploitation commands. It includes a reverse proxy for bypassing multi-factor authentication via real-time session hij
Runs tasks such as process injection and credential harvesting across multiple operating systems.