17 repositorios
Techniques for downloading and executing scripts on a target machine from a remote source.
Distinct from Live Script Execution: Candidates focus on inline JS or SQL scripts; this is about remote delivery and execution of system scripts (PowerShell).
Explore 17 awesome GitHub repositories matching security & cryptography · Remote Script Execution. Refine with filters or upvote what's useful.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Downloads scripts from a URL and executes them on target systems via memory or disk.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Runs executable files or scripts on local or remote systems to bypass security controls.
Empire is a post-exploitation framework and command and control server designed to manage remote access agents. It provides a centralized system for coordinating these agents and executing specialized scripts across target systems. The project functions as a security evasion tool by adapting network communication patterns to bypass firewalls and monitoring tools. It utilizes a multi-language agent runtime and a modular plugin architecture to execute payloads across different operating systems. The framework covers a broad range of operational capabilities, including remote agent orchestratio
Executes targeted scripts on remote hosts for intelligence gathering and privilege escalation.
ClearML is a comprehensive MLOps platform designed to manage the end-to-end machine learning lifecycle, from initial experimentation to production deployment. It provides a suite of integrated tools including a pipeline orchestrator for automating workflows, an experiment tracking tool for logging hyperparameters and metrics, and a metadata-driven data versioning system for managing large-scale datasets and model artifacts. The platform is distinguished by its advanced compute management and serving capabilities. It features a GPU compute manager that supports fractional resource slicing and
Provides a command line interface for running scripts on remote machines without modifying source code.
Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag
Manages the deployment and execution of security scanners across remote agents to collect vulnerability data centrally.
Osmedeus is a security workflow orchestration engine that coordinates AI agents, shell commands, and scanning tools through declarative YAML pipelines. It functions as a distributed security scanner, a declarative workflow automator, and an AI agent framework for security, enabling automated multi-step security analysis with conditional branching, parallel execution, and distributed workers. The engine distinguishes itself through a hybrid runner model that executes workflow steps on the local host, inside Docker containers, or over SSH to remote machines, selected per step or module. It supp
Executes security workflows across cloud infrastructure, Docker containers, and remote SSH hosts with artifact persistence.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Downloads and executes the Ladon scanner from a remote URL directly in memory without writing to disk.
This is a GitHub Action that executes shell commands on remote servers over SSH as part of a CI/CD pipeline. It supports authentication using passwords, private keys, or private keys with passphrases, and can verify the SHA256 fingerprint of the remote host's public key before connecting to prevent man-in-the-middle attacks. The action can connect to multiple remote hosts in a single workflow step, optionally executing commands synchronously across all of them. It also supports routing SSH connections through an intermediate jump host to reach target servers in restricted networks. Environmen
Sends selected or all CI runner environment variables to remote shell sessions for use in commands.
Este repositorio contiene el libro de texto digital y materiales complementarios para la educación en machine learning probabilístico. Proporciona texto estructurado y materiales de estudio guiados que cubren los fundamentos matemáticos de la probabilidad y las redes neuronales. El proyecto enfatiza la reproducibilidad a través de una colección de notebooks interactivos y scripts independientes utilizados para recrear gráficos y figuras de datos del texto. Estos materiales se alojan en entornos externos para permitir a los usuarios ejecutar código complejo de machine learning sin instalación local. La superficie educativa incluye diapositivas de conferencias, soluciones de ejercicios y documentos complementarios que proporcionan detalles técnicos adicionales. El contenido se organiza utilizando una estructura basada en markdown y se gestiona mediante control de versiones para mantener la consistencia a través de las ediciones del libro.
Provides specialized scripts to regenerate figures and perform computations described in the text.
This repository is a library of scripts for automating keystroke injection and executing remote payloads via USB HID devices. It provides a collection of pre-written automation sequences that simulate keyboard input to perform complex tasks on target operating systems. The framework supports cross-platform payloads capable of detecting target operating systems and adapting keyboard layouts for accurate character injection across different regions. It utilizes a staged payload method to download and execute external code from remote servers, extending the functionality of initial scripts. The
Uses initial scripts to download and execute additional system-level code from a remote source.
This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior. It serves as a comprehensive collection of technical guides and tactics for executing red team operations. The repository provides detailed instructions for Active Directory exploitation, including Kerberos abuse and domain privilege escalation. It covers defense evasion through API unhooking and payload obfuscation, as well as Windows internals research involving the manipulation of kernel objects and system memory. The capability surface extends to network penetration testi
Provides techniques for bypassing PowerShell language mode constraints to execute restricted scripts.
pad.ws es un entorno de desarrollo basado en web que integra un editor de código y una terminal con un lienzo visual compartido para bocetos. Funciona como un entorno de desarrollo remoto y un espacio de programación visual colaborativa donde los equipos pueden mapear conceptos arquitectónicos y escribir código dentro de una única interfaz. El proyecto cierra la brecha entre el diseño y la ejecución combinando una pizarra digital con un entorno de desarrollo en la nube. Esto permite a los usuarios realizar planificación visual de software e ideación técnica vinculando bocetos en un lienzo interactivo directamente con el código de implementación. La plataforma proporciona capacidades para el desarrollo en IDE en la nube y gestión de entornos remotos. Esto incluye un espacio de trabajo accesible desde el navegador que se conecta a máquinas virtuales en la nube para ejecutar comandos y gestionar archivos de forma remota.
Provides a web interface for running commands and scripts on remote machines via persistent connections.
TacticalRMM is a remote monitoring and management platform designed for overseeing endpoints and automating IT administration. It functions as an endpoint management tool and IT automation framework, providing a centralized dashboard for executing scripts, monitoring system health, and managing remote devices across multiple tenants. The platform distinguishes itself through a comprehensive remote administration suite that includes real-time shell access, remote file management, and registry editing. It integrates with third-party remote desktop software and provides a hierarchical policy inh
Triggers the execution of library scripts on remote agents via a programmatic API.
This project is a comprehensive toolkit for Linux security auditing and system enumeration. It functions as a framework for identifying configuration weaknesses, gathering system information, and detecting vulnerabilities to assist in gaining higher administrative access levels on Linux systems. The toolkit includes specialized capabilities for version-based vulnerability scanning, which matches installed software against known affected releases, and time-window process monitoring to track recurring system patterns and periodic tasks. It also provides infrastructure for hosting and delivering
Implements the capability to download and execute analysis scripts on target machines from a remote source.
Hoaxshell is a command and control system for Windows remote command execution. It provides a framework for generating and managing reverse shell payloads that utilize an HTTP beaconing protocol, where victim clients periodically poll a handler to receive and execute instructions. The project distinguishes itself through its ability to bypass PowerShell Constrained Language Mode using specialized payload generation. It supports encrypted command and control via TLS certificate injection and provides mechanisms for remote session recovery, allowing a handler to reestablish control over active
Implements specialized PowerShell payload construction to bypass Constrained Language Mode restrictions on hardened Windows systems.
OffensiveNim is a red teaming framework and post-exploitation toolkit developed in Nim. It provides a collection of low-level primitives and a Windows API wrapper designed for offensive security operations, including malware development and shellcode loading. The project focuses on evasion and obfuscation through techniques such as API unhooking, direct system calls, and anti-debugging mechanisms. It features diverse payload delivery methods, including reflective binary loading, the execution of .NET assemblies via CLR hosting, and various shellcode injection techniques using fibers, COM obje
Fetches scriptlet files from remote URLs and executes them through the system's script component runtime.
Phantom-Evasion es un framework de investigación de seguridad diseñado para generar payloads ofuscados y automatizar tareas de post-explotación durante evaluaciones de seguridad autorizadas. Proporciona un conjunto de utilidades para crear ejecutables y bibliotecas personalizados destinados a probar la eficacia de los sistemas de detección de antivirus y seguridad de endpoints. El framework destaca por su enfoque en operaciones residentes en memoria, permitiendo la ejecución de binarios cifrados y shellcode directamente dentro de la memoria del sistema. Al utilizar técnicas como la inyección de código basura, el cifrado de payloads y la obtención remota de recursos, minimiza la huella forense en una máquina objetivo y evita la dependencia del almacenamiento en disco. Más allá de la generación de payloads, la herramienta incluye capacidades para mantener el acceso al sistema a largo plazo mediante la configuración de claves de registro, tareas programadas y servicios en segundo plano. También admite operaciones sigilosas inyectando shellcode en procesos legítimos del sistema y automatizando tareas administrativas, como la gestión de controladores de registro de seguridad y la memoria de procesos, para facilitar escenarios de pruebas de penetración controladas.
Enables remote execution by fetching and loading encrypted executables or libraries directly into memory from a remote source.