Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
This project is a comprehensive command-line reference and toolkit designed for Linux system administration and network security assessment. It provides a collection of technical snippets and operational guides focused on managing remote environments, orchestrating shell sessions, and executing administrative tasks through native terminal utilities. The repository distinguishes itself by offering specialized techniques for stealthy operations and infrastructure manipulation. It covers methods for establishing encrypted tunnels to bypass firewalls, obfuscating process identities and command hi
OffensiveRust is a red team toolkit and malware development kit written in Rust. It serves as an evasion framework and post-exploitation library, providing a collection of offensive security primitives and a Windows API wrapper for interacting with low-level system functions and undocumented APIs. The project focuses on bypassing security software through direct system calls, memory obfuscation, and stealthy payload execution. It implements techniques to defeat static binary analysis via compile-time string encryption and payload obfuscation, while avoiding detection using parent process ID s
jexboss is a Java deserialization exploit framework and network vulnerability scanner designed to identify and exploit deserialization flaws to achieve remote code execution on target servers. It functions as a suite of tools for delivering payloads and executing system commands on vulnerable remote applications. The project includes a reverse shell orchestrator to establish and maintain persistent remote command connections from exploited targets back to a listener. It also provides post-exploitation automation for managing remote access and updating software on compromised systems. The fra
This project consists of PHP-based payloads and scripts designed to establish reverse network connections for remote shell access. It functions as a remote command execution tool used during security auditing to gain an interactive shell on a web server.
The main features of pentestmonkey/php-reverse-shell are: Reverse Shells, Shell Command Execution, Remote Command Execution, Input and Output Stream Control, Socket Networking, Payloads, Remote Command Execution Tools, Penetration Testing.
Open-source alternatives to pentestmonkey/php-reverse-shell include: samratashok/nishang — Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows… hackerschoice/thc-tips-tricks-hacks-cheat-sheet — This project is a comprehensive command-line reference and toolkit designed for Linux system administration and… trickster0/offensiverust — OffensiveRust is a red team toolkit and malware development kit written in Rust. It serves as an evasion framework and… t3l3machus/hoaxshell — Hoaxshell is a command and control system for Windows remote command execution. It provides a framework for generating… joaomatosf/jexboss — jexboss is a Java deserialization exploit framework and network vulnerability scanner designed to identify and exploit… agent-infra/sandbox — This project provides secure, containerized infrastructure designed for autonomous agents, remote code execution, and…