# Lateral Movement Post-Exploitation Frameworks > Search results for `post-exploitation framework for moving laterally in a test lab` on awesome-repositories.com. 117 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/post-exploitation-framework-for-moving-laterally-in-a-test-lab **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/post-exploitation-framework-for-moving-laterally-in-a-test-lab).** ## Results - [jaykali/maskphish](https://awesome-repositories.com/repository/jaykali-maskphish.md) (3,020 ⭐) — Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific executables and mobile application packages to establish remote command sessions. The framework covers a broad surface of capabilities, including web application penetration testing, OSINT reconnaissance, memory and disk forensics, and wireless network auditing. It provides tools for payload generation, credential theft, and the automation of information gathering from public data sources. This project is implemented primarily as a shell-based application. - [darrenburns/posting](https://awesome-repositories.com/repository/darrenburns-posting.md) (12,035 ⭐) — Posting is a terminal-based HTTP request manager designed for developing, testing, and documenting API endpoints. It functions as a keyboard-driven interface that allows users to execute requests, manage collections, and inspect server responses directly within the command line environment. By storing request configurations as plain text files on the local filesystem, the tool ensures that API definitions remain compatible with standard version control systems. The project distinguishes itself by treating API collections as version-controlled assets, enabling users to migrate existing workflows from other tools or import standardized API specifications directly into a local workspace. It supports advanced request lifecycle management through user-defined scripts, allowing for dynamic manipulation of headers and payloads. Users can also bridge the gap between terminal commands and structured files by converting between command-line strings and persistent request definitions. The application provides a comprehensive suite of tools for managing complex API environments, including support for environment variable injection, mutual TLS authentication, and SSL verification. The interface is built using modular, reactive widgets that support both keyboard and mouse navigation, supplemented by a centralized command palette for rapid interaction. Users can further tailor their experience through extensive customization options, such as remappable keyboard shortcuts, theme management, and integration with external text editors and pagers. - [joaomatosf/jexboss](https://awesome-repositories.com/repository/joaomatosf-jexboss.md) (2,512 ⭐) — jexboss is a Java deserialization exploit framework and network vulnerability scanner designed to identify and exploit deserialization flaws to achieve remote code execution on target servers. It functions as a suite of tools for delivering payloads and executing system commands on vulnerable remote applications. The project includes a reverse shell orchestrator to establish and maintain persistent remote command connections from exploited targets back to a listener. It also provides post-exploitation automation for managing remote access and updating software on compromised systems. The framework covers vulnerability assessment through network scanning across IP ranges and ports, as well as verification of deserialization flaws across various request vectors and endpoints. Its capabilities extend to remote command orchestration and the delivery of payloads via network parameters or admin consoles. - [mubix/post-exploitation](https://awesome-repositories.com/repository/mubix-post-exploitation.md) (1,582 ⭐) — Post Exploitation Collection - [greydgl/pentestgpt](https://awesome-repositories.com/repository/greydgl-pentestgpt.md) (11,697 ⭐) — PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context, synthesizing both visual and textual data to inform its decision-making process. To ensure consistency and continuity, the framework maintains persistent session state, allowing users to pause and resume assessments without losing critical context or progress. The system provides a comprehensive suite of capabilities for managing external security utilities, including the ability to parse raw command-line output into structured data for automated analysis. It operates within isolated, containerized environments to ensure that testing workflows remain reproducible and secure across diverse target architectures. - [avelino/awesome-go](https://awesome-repositories.com/repository/avelino-awesome-go.md) (175,576 ⭐) — This project serves as a comprehensive language ecosystem index, functioning as a centralized, community-curated directory for the Go programming language. It organizes a vast landscape of software components, libraries, and development tools into a structured, navigable hierarchy, enabling developers to efficiently discover resources tailored to specific functional domains. The repository distinguishes itself through a decentralized contribution model, where community-driven updates ensure the index remains current with the rapidly evolving software landscape. Beyond simple resource listing, it acts as a technical knowledge repository, aggregating professional literature, style guides, and best practices to support developer onboarding and professional growth across the entire software development lifecycle. The directory covers a broad capability surface, including essential utilities for distributed systems engineering, application security, data processing, and development productivity. It provides access to specialized tools for database management, web framework integration, testing, and build automation, alongside educational materials that help developers master language-specific architectural patterns. The project is maintained as a static resource aggregation, providing a holistic view of external links and documentation to orient developers within the Go ecosystem. - [alyssaxuu/later](https://awesome-repositories.com/repository/alyssaxuu-later.md) (1,774 ⭐) — Save all your Mac apps for later with one click 🖱️ - [bishopfox/sliver](https://awesome-repositories.com/repository/bishopfox-sliver.md) (10,707 ⭐) — Sliver is a command and control framework designed for adversary emulation and security assessment operations. It provides a centralized platform for managing remote systems, enabling security professionals to coordinate multi-operator sessions and maintain persistent, secure communication channels across diverse network environments. The framework distinguishes itself through its focus on stealth and infrastructure flexibility. It utilizes dynamic payload obfuscation to generate unique binaries and supports in-memory execution to minimize disk artifacts. Communication is secured through mutual TLS, WireGuard, and other standard protocols, while an asynchronous task queue ensures reliable command delivery even across intermittent network connections. Beyond its core communication capabilities, the platform supports a wide range of post-exploitation tasks, including process manipulation, token management, and network pivoting. Users can automate complex security workflows and route traffic through compromised nodes to reach isolated network segments, facilitating comprehensive testing of organizational security controls. - [cube-js/cube](https://awesome-repositories.com/repository/cube-js-cube.md) (20,251 ⭐) — Cube is a semantic data layer that provides a unified framework for defining business metrics, dimensions, and relationships across diverse data sources. By acting as a headless business intelligence engine, it transforms raw data into a governed model that can be queried via SQL, REST, and GraphQL interfaces. This architecture ensures consistent data definitions and logic across all downstream analytical applications and reporting tools. The platform distinguishes itself through its integrated conversational AI capabilities, which allow users to explore data using natural language. It orchestrates these interactions by mapping questions to the underlying semantic model, ensuring that AI-generated insights remain accurate and context-aware. Furthermore, Cube is designed for multi-tenant environments, offering robust infrastructure isolation, row-level security, and dynamic context injection to ensure that data access is strictly governed and personalized for every user or tenant. Beyond its core modeling and AI features, the platform includes a comprehensive suite of tools for performance optimization, including automated pre-aggregation caching and asynchronous query queuing. It supports a wide range of data sources and deployment models, from self-hosted containers to managed cloud environments. The system also provides extensive programmatic control over report management, dashboard publishing, and user identity synchronization, making it suitable for embedding interactive analytics directly into custom software applications. - [torque59/nosql-exploitation-framework](https://awesome-repositories.com/repository/torque59-nosql-exploitation-framework.md) (0 ⭐) — Nosql-Exploitation-Framework - [peass-ng/peass-ng](https://awesome-repositories.com/repository/peass-ng-peass-ng.md) (19,337 ⭐) — PEASS-ng is an automated penetration testing framework designed to identify privilege escalation vectors on local systems. It functions as a security assessment utility that scans environments for misconfigurations, sensitive files, and insecure permissions to uncover paths for unauthorized privilege elevation. The project distinguishes itself through a modular script-based enumeration engine that adapts to the target environment. It utilizes environment-aware capability detection and cross-platform shell abstraction to normalize data collection across diverse operating systems, while operating primarily within volatile memory to minimize its forensic footprint. The framework covers a broad range of post-exploitation assessment tasks, including automated security auditing for both Linux and Windows environments. It employs pattern-matching heuristic analysis to systematically query system configurations and identify security gaps during authorized security assessments. - [chuhades/cms-exploit-framework](https://awesome-repositories.com/repository/chuhades-cms-exploit-framework.md) (0 ⭐) — CMS Exploit Framework - [gtfobins/gtfobins.github.io](https://awesome-repositories.com/repository/gtfobins-gtfobins-github-io.md) (12,669 ⭐) — GTFOBins is a curated knowledge base documenting security-related techniques for Unix-based system binaries. It serves as a reference for offensive security research, detailing how standard, pre-installed system utilities can be repurposed to facilitate privilege escalation, restricted environment escapes, and post-exploitation workflows. The project distinguishes itself by cataloging insecure execution paths and misconfigured permissions inherent in common system tools. By identifying legitimate binary functions that can be leveraged to bypass security controls, the repository provides a structured index for auditing local system security and understanding methods for maintaining control during security assessments. The platform is built as a static site that separates technical content from its visual presentation. It utilizes a standardized data schema to store binary specifications, which are processed through a template-driven build system to generate the final documentation. A pre-computed index enables client-side search functionality, allowing users to filter and locate specific binary techniques directly within the browser without a backend database. - [encode/django-rest-framework](https://awesome-repositories.com/repository/encode-django-rest-framework.md) (30,083 ⭐) — Django REST Framework is a toolkit for building standards-compliant web services that map complex data models to structured HTTP responses. It provides a modular architecture for handling the request lifecycle, including authentication, permission checks, and content negotiation. The framework is designed to facilitate the development of robust APIs by transforming complex data types into native formats and validating incoming request payloads against defined schemas. The project distinguishes itself through a highly modular, class-based design that allows developers to build complex views and API logic through inheritance and mixin composition. It features a powerful serialization system that automatically generates schemas from database models, alongside a flexible policy-based system for managing access control, rate limiting, and versioning. The framework also includes automated schema generation, which introspects view logic to produce interactive, machine-readable API documentation at runtime. Beyond its core serialization and view architecture, the framework provides a comprehensive suite of tools for managing the entire API lifecycle. This includes extensive support for authentication methods, content negotiation, pagination, and filtering, as well as robust error handling and testing utilities. These components are designed to be highly customizable, allowing developers to override default behaviors or implement custom logic to meet specific application requirements. - [amruthpillai/reactive-resume](https://awesome-repositories.com/repository/amruthpillai-reactive-resume.md) (38,613 ⭐) — This project is a web-based platform designed for creating, managing, and sharing professional resumes. It functions as a structured document builder that integrates artificial intelligence to assist with content generation, editing, and analysis. Users can maintain a collection of resumes, customize their visual presentation through various templates, and export them into multiple formats for job applications. The platform distinguishes itself through its autonomous AI agent capabilities, which can perform research, suggest incremental edits, and apply data patches directly to documents. It also provides a secure, self-hostable environment that allows users to maintain full control over their data and infrastructure. The system supports advanced authentication methods, including passkeys and federated identity providers, ensuring that personal and professional information remains protected. Beyond core editing, the application includes tools for document organization, such as tagging, filtering, and legacy data migration. It features a robust document generation engine that separates content from design, allowing for precise layout control and styling. Users can share their resumes via password-protected public URLs and monitor document performance through integrated analytics. The application is designed for containerized deployment, utilizing Docker Compose to facilitate consistent installation across private infrastructure. It includes built-in health monitoring and feature flagging to manage system performance and functionality without requiring code redeployments. - [z4nzu/hackingtool](https://awesome-repositories.com/repository/z4nzu-hackingtool.md) (77,515 ⭐) — This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating external repositories, allowing users to fetch and organize third-party tools directly into a structured local directory. By utilizing a categorized menu system and shell-based process execution, the suite enables efficient navigation and direct invocation of specialized tools for tasks ranging from forensic analysis and reverse engineering to exploit development. The toolkit covers a broad spectrum of security domains, including web and wireless attack vectors, cloud security, payload creation, and social media analysis. It also incorporates automated environment setup to handle the installation of necessary system packages and language runtimes, ensuring compatibility across its diverse collection of utilities. - [rastating/wordpress-exploit-framework](https://awesome-repositories.com/repository/rastating-wordpress-exploit-framework.md) (1,047 ⭐) — A Ruby framework designed to aid in the penetration testing of WordPress systems. - [screetsec/thefatrat](https://awesome-repositories.com/repository/screetsec-thefatrat.md) (11,038 ⭐) — TheFatRat is a security exploitation framework designed to automate the creation, obfuscation, and deployment of payloads for penetration testing. It functions as a comprehensive toolkit that streamlines the exploitation lifecycle, enabling users to generate malicious executables, manage network listeners, and execute post-exploitation tasks through a unified command-line interface. The framework distinguishes itself by integrating various third-party exploitation utilities into a single, orchestrated workflow. It provides specialized capabilities for embedding code into legitimate binaries and modifying file metadata to test system resilience against signature-based detection. Additionally, the tool supports physical security assessments by generating autorun configurations for removable media to evaluate automated execution behaviors on target systems. Beyond core payload generation, the platform includes utilities for environment dependency validation to ensure all necessary components are configured correctly before testing begins. It also automates post-compromise actions, such as information gathering and credential extraction, to facilitate efficient security audits. - [e2b-dev/awesome-ai-agents](https://awesome-repositories.com/repository/e2b-dev-awesome-ai-agents.md) (25,903 ⭐) — This project is a curated repository and directory focused on the artificial intelligence agent ecosystem. It serves as a centralized knowledge base for developers and researchers to discover frameworks, platforms, and autonomous software entities designed for reasoning, planning, and executing complex tasks. The directory distinguishes itself through a community-driven curation model, where contributors maintain and update the collection via a distributed version control system. This collaborative approach ensures that the index remains current with the latest academic resources, open-source projects, and commercial tools, all organized through a structured categorical taxonomy. The collection covers a broad range of technical domains, including multi-agent system orchestration, autonomous workflow automation, and general agent development. By aggregating these high-quality references, the repository facilitates the evaluation of technologies for building self-directed digital workers and complex autonomous systems. The information is structured using lightweight markup files and rendered as a static site to provide a consistent and accessible interface for global users. - [move-language/move](https://awesome-repositories.com/repository/move-language-move.md) (0 ⭐) — This was the home of the Move language from inception to ~2022. This repository is no longer maintained, but development continues in https://github.com/move-language/move-on-aptos and https://github.com/move-language/move-sui. - [atsushisakai/pythonrobotics](https://awesome-repositories.com/repository/atsushisakai-pythonrobotics.md) (29,772 ⭐) — PythonRobotics is a comprehensive collection of modular robotics algorithms and educational simulations designed for autonomous navigation, state estimation, and motion control. The project provides a library of standalone implementations for path planning, localization, mapping, and kinematics, serving as a resource for researchers and students to experiment with foundational and advanced robotic theories. The project distinguishes itself through an algorithm-centric design where each module functions as an isolated script, allowing for independent testing and clear pedagogical demonstration. Every implementation is explicitly mapped to academic literature or foundational robotics textbooks, ensuring that the mathematical models and control strategies remain verifiable and accurate. Users can execute these scenarios within a decoupled simulation environment that maintains its own internal state and control loops, requiring no external dependencies. The capability surface covers a broad range of robotic domains, including aerial navigation, bipedal locomotion, and multi-joint arm control. It features extensive toolkits for probabilistic sensor fusion, environmental mapping, and trajectory tracking, all powered by high-performance numerical computation. Real-time geometric animations and state estimations are rendered directly from simulation data using standard plotting libraries. - [shadow1ng/fscan](https://awesome-repositories.com/repository/shadow1ng-fscan.md) (13,421 ⭐) — Fscan is an automated penetration testing tool designed for internal network reconnaissance and vulnerability assessment. It functions as a comprehensive security framework that maps network infrastructure, identifies active hosts and services, and detects security weaknesses across internal environments. The tool distinguishes itself through a modular plugin architecture that allows for extensible security checks and a stateful asset tracking system that maintains an in-memory registry of discovered infrastructure. It incorporates a dedicated credential brute-force engine for testing password strength and supports proxy-aware traffic routing to facilitate operations within segmented or restricted network segments. Beyond core discovery, the platform provides capabilities for post-exploitation security operations, including system information collection and remote access management. Users can control scan performance through configurable concurrency and rate limits, with options to manage tasks via both command-line execution and a graphical web interface. - [emilyanncr/windows-post-exploitation](https://awesome-repositories.com/repository/emilyanncr-windows-post-exploitation.md) (0 ⭐) - [amnn/move-mode](https://awesome-repositories.com/repository/amnn-move-mode.md) (0 ⭐) — move-mode is an Emacs major-mode for editing smart contracts written in the Move programming language. Supports Emacs 25.1 and above (tested on Emacs for Mac OS X 25.1-1, Emacs Mac Port 28.1). - [manisso/fsociety](https://awesome-repositories.com/repository/manisso-fsociety.md) (12,136 ⭐) — fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution. The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation. The framework covers a broad range of security capabilities, including network reconnaissance, web application auditing, and system vulnerability exploitation. It provides dedicated toolsets for credential brute forcing, network traffic interception, wireless security auditing, and post-exploitation management to maintain persistence on compromised systems. - [drizzle-team/drizzle-orm](https://awesome-repositories.com/repository/drizzle-team-drizzle-orm.md) (34,835 ⭐) — Drizzle ORM is a TypeScript-native database toolkit providing type-safe SQL query building, schema management, and automated migrations across PostgreSQL, MySQL, SQLite, and SingleStore. - [questescape/exploit](https://awesome-repositories.com/repository/questescape-exploit.md) (120 ⭐) — Kernel exploits for the Oculus Quest - [sundowndev/hacker-roadmap](https://awesome-repositories.com/repository/sundowndev-hacker-roadmap.md) (15,081 ⭐) — Hacker Roadmap is a community-driven repository that functions as a structured learning path and resource directory for cybersecurity and ethical hacking. It organizes complex security concepts into sequential modules, guiding users from fundamental knowledge to advanced technical exploitation skills through a curated collection of educational materials and professional development resources. The project distinguishes itself by acting as a centralized index that maps specialized third-party security software and isolated training environments to specific operational use cases. By aggregating technical advisories, documentation, and research materials, it provides a comprehensive hub for practitioners to refine their expertise in penetration testing, network infrastructure risk assessment, and web application security auditing. The platform covers a broad capability surface, including tools for vulnerability scanning, password auditing, and network traffic analysis. It supports the security community by facilitating the contribution of new learning resources and providing access to interactive, challenge-based environments where users can practice defensive and offensive techniques in controlled settings. - [beefproject/beef](https://awesome-repositories.com/repository/beefproject-beef.md) (10,728 ⭐) — BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration. The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and asynchronous command queuing to manage multiple hooked sessions, allowing for the coordination of complex, multi-stage assessment workflows. The system supports a modular architecture that enables the development of custom plugins and automated rules to extend its core testing capabilities. It includes comprehensive administrative controls, such as role-based access control, authentication rate limiting, and network access restrictions, to secure the testing environment and manage component lifecycles. - [orsinium-labs/mypy-test](https://awesome-repositories.com/repository/orsinium-labs-mypy-test.md) (0 ⭐) — Test mypy plugins, stubs, custom types. - [flutter-team-archive/plugins](https://awesome-repositories.com/repository/flutter-team-archive-plugins.md) (17,710 ⭐) — This project is a collection of official plugin packages and a native integration library designed to provide a consistent interface for accessing hardware and software functionality across different mobile and desktop platforms. It serves as a native platform bridge, enabling cross-platform applications to invoke native code and manage operating system dependencies. The project utilizes a federated plugin architecture, splitting plugins into common interfaces and separate platform implementations to allow for independent development and extension. It further supports native integration through a foreign function interface for synchronous and asynchronous execution between isolates and host operating systems. The codebase covers a broad range of capabilities including state management, declarative app navigation, and local data persistence using SQL and key-value stores. It also encompasses networking primitives for authenticated HTTP and WebSocket communication, as well as comprehensive testing frameworks for unit, widget, and integration verification. Additional surface areas include AI integration for model-agnostic APIs and text-to-UI conversion, alongside a suite of UI components, physics-based animations, and monitoring tools for application performance profiling and crash reporting. - [alessandroz/lazagne](https://awesome-repositories.com/repository/alessandroz-lazagne.md) (10,867 ⭐) — LaZagne is a cross-platform credential recovery tool designed to extract passwords and secrets from operating systems, browsers, and applications. It functions as a security utility for retrieving stored credentials from compromised systems during penetration testing. The tool provides capabilities for decrypting domain credentials and extracting sensitive data from system storage, including memory dumps, credential managers, keychains, and password hashes. It recovers stored passwords from common software by accessing plaintext files, APIs, and local databases. The project supports digital forensic analysis and security auditing by gathering recovered credentials and exporting them into structured text or JSON formats for external storage and analysis. - [composer/composer](https://awesome-repositories.com/repository/composer-composer.md) (29,457 ⭐) — Composer is a command-line dependency management tool for PHP that automates the process of resolving, downloading, and installing external code libraries. It functions by evaluating version constraints defined in a project's configuration file to calculate a compatible dependency tree, ensuring that applications maintain consistent behavior across different development and production environments. The tool utilizes a structured manifest file as the single source of truth for project requirements and generates a deterministic lock file to record the exact version and hash of every installed dependency. This mechanism ensures reproducible build environments by guaranteeing that every machine uses the identical set of software packages. The system also supports automated package lifecycles, allowing for the addition, update, and removal of components while maintaining a clear record of project state. Beyond core dependency resolution, the software integrates into automated build pipelines to support containerized application deployment and provides mechanisms for resolving version mismatches. It includes features for managing network proxy configurations and offers an extension architecture that allows third-party code to hook into the installation lifecycle. - [clean-test/clean-test](https://awesome-repositories.com/repository/clean-test-clean-test.md) (54 ⭐) — A modern C++-20 testing framework. - [empireproject/empire](https://awesome-repositories.com/repository/empireproject-empire.md) (7,813 ⭐) — Empire is a command and control framework and post-exploitation toolkit used for network penetration testing. It serves as a centralized platform for coordinating remote agent communication and automating the delivery of security testing payloads to target systems. The project provides a suite of modules for host reconnaissance, lateral movement, and credential harvesting across corporate environments. It functions as a remote administration tool to maintain persistence and execute commands on compromised hosts. The framework incorporates capabilities for agent orchestration and the execution of specialized security modules. It includes methods for bypassing network detection and implementing evasion techniques to avoid discovery by security monitoring tools. - [harvard-edge/cs249r_book](https://awesome-repositories.com/repository/harvard-edge-cs249r-book.md) (20,217 ⭐) — This project is a comprehensive educational framework designed to teach the design, deployment, and performance optimization of machine learning systems. It provides a structured curriculum that covers the full stack of artificial intelligence engineering, ranging from the construction of core framework components like tensors and automatic differentiation engines to the orchestration of large-scale distributed training clusters. The platform distinguishes itself through its integration of physics-grounded systems modeling and interactive simulation environments. Users can experiment with distributed training strategies, analyze communication overhead, and perform economic modeling to estimate the total cost of ownership, energy consumption, and reliability of hardware clusters. By combining these analytical tools with hands-on embedded hardware kits and browser-based notebooks, the project enables students to bridge the gap between theoretical architecture and practical deployment on resource-constrained edge devices. Beyond core training, the project offers a broad suite of capabilities for evaluating machine learning operations. This includes tools for assessing inference latency, quantifying environmental impact, and optimizing production workloads across diverse environments. The curriculum is supported by extensive pedagogical resources, including lecture materials, assessment banks, and interview preparation scenarios that focus on hardware selection and parallel scaling strategies. The project is maintained as an open-source repository, providing version-controlled educational content and modular software components that allow for collaborative development and adaptation by the academic community. - [windowsexploits/exploits](https://awesome-repositories.com/repository/windowsexploits-exploits.md) (1,302 ⭐) — Windows Exploits - [rapid7/metasploit-framework](https://awesome-repositories.com/repository/rapid7-metasploit-framework.md) (38,415 ⭐) — The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to manage high-performance, concurrent network connections and features a transport-agnostic communication layer that abstracts protocols to maintain persistent command and control. Users can extend the core functionality through a plugin system and define complex exploit logic using a domain-specific language. The framework provides robust capabilities for remote payload management, including the configuration of network settings like sleep intervals and timeout thresholds. It maintains state persistence across long-running sessions by storing discovered host information and vulnerability data in a relational database. The software is designed for cross-platform deployment, with installation support available for Linux, macOS, and Windows environments. - [bc-security/empire](https://awesome-repositories.com/repository/bc-security-empire.md) (5,045 ⭐) — Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules. What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each target environment, including lightweight Go agents for Windows and cross-platform Python and C agents. Communication is protected by a two-stage key exchange and AES-encrypted packets, and malleable communication profiles let operators alter beacon traffic patterns to mimic specific threat actors. Empire also emphasizes evasion, with features such as reflective memory execution, payload obfuscation using ConfuserEx and Invoke-Obfuscation, PowerShell protection bypasses, and JA3/JARM fingerprint randomization. The framework exposes a REST API for automation, enabling integration with external tools and scripted workflows. Its plugin system extends functionality with custom event hooks, data filters, and lifecycle triggers. Agents support remote command execution, file transfer, SOCKS proxy tunneling, and task monitoring, while listener and stager management is fully configurable. Empire includes a web GUI and CLI for multi-operator collaboration, with access control via token-based authentication and IP allow/deny lists. - [notselwyn/exploits](https://awesome-repositories.com/repository/notselwyn-exploits.md) (28 ⭐) — Custom exploits - [sindresorhus/move-file](https://awesome-repositories.com/repository/sindresorhus-move-file.md) (207 ⭐) — Move a file, directory, or symlink - Even works across devices - [ibis-project/ibis](https://awesome-repositories.com/repository/ibis-project-ibis.md) (6,574 ⭐) — Ibis is a portable Python dataframe library and multi-backend query engine that provides a unified interface for executing data transformations across diverse compute engines. It functions as a Python SQL expression compiler and dialect transpiler, allowing users to define data logic once and execute it across cloud warehouses, embedded databases, and distributed clusters without rewriting code. The project distinguishes itself through a database backend abstraction that decouples transformation logic from the underlying execution engine. It enables polyglot data workflows by mixing raw SQL strings with programmatic Python expressions and provides a dataframe interop layer to convert query results between various memory formats. Its capability surface covers a broad range of data analysis operations, including row filtering, aggregation, and geospatial processing, as well as comprehensive schema and database hierarchy management. The system also supports data streaming via a unified batch and streaming API, as well as integration with cloud storage and various file formats for data import and export. - [parrotsec/mimikatz](https://awesome-repositories.com/repository/parrotsec-mimikatz.md) (2,536 ⭐) — Mimikatz is a Windows post-exploitation framework designed for extracting plaintext passwords, hashes, PIN codes, and security tokens from system memory and the registry. It functions as a credential extraction tool that targets the Local Security Authority Subsystem Service to retrieve cached credentials and sensitive account data. The project provides specialized capabilities for Active Directory penetration testing, including the simulation of domain controllers to replicate directory secrets. It features a Kerberos ticket manipulator capable of exporting, injecting, and forging authentication tickets to bypass identity verification. The framework covers a broad range of security analysis activities, including privilege escalation, network lateral movement, and the export of private keys and certificates from system stores. It also includes utilities for kernel-mode driver injection to bypass operating system protections and the encryption of remote command traffic. - [coderamp-labs/gitingest](https://awesome-repositories.com/repository/coderamp-labs-gitingest.md) (13,979 ⭐) — Gitingest is a Git repository analysis and conversion service that transforms code repositories into structured plain-text summaries optimized for large language model consumption. It provides HTTP API endpoints and Python functions to integrate repository processing into AI pipelines and applications, with S3-compatible storage for persisting and retrieving generated digests. The service is packaged as a Docker container with all dependencies bundled for consistent deployment across environments. The project distinguishes itself through asynchronous processing of multiple repositories concurrently using a worker pool for high throughput, and the ability to stream repository digests via HTTP endpoints for real-time consumption in AI workflows. It includes comprehensive monitoring through Prometheus metrics and Sentry exception tracking to track performance and detect issues in digest generation workflows, while maintaining security best practices through non-root execution and vulnerability reporting mechanisms. Gitingest offers a command-line interface for triggering repository conversions without programming, along with development tools for faster iteration including hot reload support. The system is designed to preserve code hierarchy and snippets during repository conversion, ensuring the generated digests maintain the structural integrity of the original codebase for more accurate AI analysis. The project is implemented in Python and can be deployed as a containerized service in CI/CD pipelines with all dependencies included. - [test-bench/test-bench](https://awesome-repositories.com/repository/test-bench-test-bench.md) (73 ⭐) — Principled Test Framework for Ruby and MRuby - [nathanlopez/stitch](https://awesome-repositories.com/repository/nathanlopez-stitch.md) (3,532 ⭐) — Stitch is a command and control framework and post-exploitation toolkit designed for managing multiple remote systems from a central server. It functions as a remote administration tool and payload builder, enabling the execution of commands and the deployment of agents across different operating systems. The project features a cross-platform builder for generating custom executable agents with configurable network bindings and boot behaviors. It utilizes encrypted communication channels to secure traffic between the controller and remote clients, and it supports the execution of dynamic scripts to extend agent functionality at runtime without recompiling binaries. The framework covers a range of remote administration and system manipulation capabilities, including credential and data exfiltration, keystroke recording, and screen capturing. It provides tools for maintaining a persistent presence on target machines through platform-specific installers and the modification of system registry values and files. - [n1nj4sec/pupy](https://awesome-repositories.com/repository/n1nj4sec-pupy.md) (8,942 ⭐) — Pupy is a command and control framework and post-exploitation suite used for remote administration and system management. It functions as a cross-platform tool for deploying payloads and controlling multiple remote agents through encrypted communication channels. The framework features a multi-platform payload generator that creates custom executable files using configurable network launchers. It employs a network traffic obfuscator that stacks encryption and obfuscation protocols to hide communication from observation. The system provides capabilities for in-memory code execution, remote process migration for persistence, and the interaction with remote objects via procedure calls. It includes a unified interface for executing system commands and managing interactive shells across different operating systems. - [apple/foundationdb](https://awesome-repositories.com/repository/apple-foundationdb.md) (16,446 ⭐) — FoundationDB is an ACID-compliant distributed transactional key-value store. It functions as a scalable database engine that ensures strict serializability and data consistency across a cluster of servers using a shared-nothing architecture. The system is distinguished by its multi-region replication capabilities, allowing data to be synchronized across different datacenters for high availability and disaster recovery. It utilizes optimistic concurrency control to manage distributed transactions and employs a majority-based coordination system to maintain cluster state. The platform provides extensive support for custom data modeling, enabling the implementation of complex structures like priority queues and multidimensional tables on top of the ordered key-value store. Its operational surface includes multi-tenant isolation via named transaction domains, deterministic cluster simulation for testing, and zero-downtime hardware migration. The database provides specialized client libraries for multi-language support and a system for managing client API versioning to ensure compatibility during cluster upgrades. - [serputko/performance-testing-framework](https://awesome-repositories.com/repository/serputko-performance-testing-framework.md) (0 ⭐) — Copyright © 2017-2018 Anton Serputko. Contacts: serputko.a@gmail.com - [gin-gonic/gin](https://awesome-repositories.com/repository/gin-gonic-gin.md) (88,694 ⭐) — Gin is a web framework designed for building high-performance web services and APIs. It functions as a middleware-oriented engine that processes incoming HTTP requests through a sequential chain of handlers, allowing for the modular management of cross-cutting concerns such as authentication and logging. The framework utilizes a radix tree data structure to perform request routing, ensuring high-speed path matching with minimal memory overhead. It distinguishes itself by employing a zero-reflection dispatch mechanism that invokes handler functions through static type assertions, avoiding the performance costs typically associated with runtime type inspection. Furthermore, it provides a type-safe data binding layer that maps incoming request payloads directly into structured objects using declarative metadata tags, which simultaneously enforces validation rules to maintain data integrity. Developers can organize complex API surfaces by grouping related endpoints into logical segments that share common path prefixes and middleware configurations. The framework manages the request lifecycle by passing a single mutable context object through the handler chain, which helps minimize memory allocations during request processing.