17 repository-uri
Techniques for downloading and executing scripts on a target machine from a remote source.
Distinct from Live Script Execution: Candidates focus on inline JS or SQL scripts; this is about remote delivery and execution of system scripts (PowerShell).
Explore 17 awesome GitHub repositories matching security & cryptography · Remote Script Execution. Refine with filters or upvote what's useful.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Downloads scripts from a URL and executes them on target systems via memory or disk.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Runs executable files or scripts on local or remote systems to bypass security controls.
Empire is a post-exploitation framework and command and control server designed to manage remote access agents. It provides a centralized system for coordinating these agents and executing specialized scripts across target systems. The project functions as a security evasion tool by adapting network communication patterns to bypass firewalls and monitoring tools. It utilizes a multi-language agent runtime and a modular plugin architecture to execute payloads across different operating systems. The framework covers a broad range of operational capabilities, including remote agent orchestratio
Executes targeted scripts on remote hosts for intelligence gathering and privilege escalation.
ClearML is a comprehensive MLOps platform designed to manage the end-to-end machine learning lifecycle, from initial experimentation to production deployment. It provides a suite of integrated tools including a pipeline orchestrator for automating workflows, an experiment tracking tool for logging hyperparameters and metrics, and a metadata-driven data versioning system for managing large-scale datasets and model artifacts. The platform is distinguished by its advanced compute management and serving capabilities. It features a GPU compute manager that supports fractional resource slicing and
Provides a command line interface for running scripts on remote machines without modifying source code.
Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag
Manages the deployment and execution of security scanners across remote agents to collect vulnerability data centrally.
Osmedeus is a security workflow orchestration engine that coordinates AI agents, shell commands, and scanning tools through declarative YAML pipelines. It functions as a distributed security scanner, a declarative workflow automator, and an AI agent framework for security, enabling automated multi-step security analysis with conditional branching, parallel execution, and distributed workers. The engine distinguishes itself through a hybrid runner model that executes workflow steps on the local host, inside Docker containers, or over SSH to remote machines, selected per step or module. It supp
Executes security workflows across cloud infrastructure, Docker containers, and remote SSH hosts with artifact persistence.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Downloads and executes the Ladon scanner from a remote URL directly in memory without writing to disk.
This is a GitHub Action that executes shell commands on remote servers over SSH as part of a CI/CD pipeline. It supports authentication using passwords, private keys, or private keys with passphrases, and can verify the SHA256 fingerprint of the remote host's public key before connecting to prevent man-in-the-middle attacks. The action can connect to multiple remote hosts in a single workflow step, optionally executing commands synchronously across all of them. It also supports routing SSH connections through an intermediate jump host to reach target servers in restricted networks. Environmen
Sends selected or all CI runner environment variables to remote shell sessions for use in commands.
Acest depozit conține manualul digital și materialele suplimentare pentru educația în machine learning probabilistic. Oferă text structurat și materiale de studiu ghidate care acoperă fundamentele matematice ale probabilității și rețelelor neuronale. Proiectul pune accent pe reproductibilitate printr-o colecție de notebook-uri interactive și scripturi standalone utilizate pentru a recrea graficele și figurile de date din text. Aceste materiale sunt găzduite în medii externe pentru a permite utilizatorilor să execute cod complex de machine learning fără instalare locală. Suprafața educațională include slide-uri de curs, soluții la exerciții și documente suplimentare care oferă detalii tehnice suplimentare. Conținutul este organizat folosind o structură bazată pe markdown și gestionat prin controlul versiunilor pentru a menține consistența între edițiile cărții.
Provides specialized scripts to regenerate figures and perform computations described in the text.
This repository is a library of scripts for automating keystroke injection and executing remote payloads via USB HID devices. It provides a collection of pre-written automation sequences that simulate keyboard input to perform complex tasks on target operating systems. The framework supports cross-platform payloads capable of detecting target operating systems and adapting keyboard layouts for accurate character injection across different regions. It utilizes a staged payload method to download and execute external code from remote servers, extending the functionality of initial scripts. The
Uses initial scripts to download and execute additional system-level code from a remote source.
This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior. It serves as a comprehensive collection of technical guides and tactics for executing red team operations. The repository provides detailed instructions for Active Directory exploitation, including Kerberos abuse and domain privilege escalation. It covers defense evasion through API unhooking and payload obfuscation, as well as Windows internals research involving the manipulation of kernel objects and system memory. The capability surface extends to network penetration testi
Provides techniques for bypassing PowerShell language mode constraints to execute restricted scripts.
pad.ws este un mediu de dezvoltare bazat pe web care integrează un editor de cod și un terminal cu o interfață vizuală partajată pentru schițe. Funcționează ca un mediu de dezvoltare la distanță și un spațiu de programare vizuală colaborativă, unde echipele pot mapa concepte arhitecturale și pot scrie cod în cadrul unei singure interfețe. Proiectul elimină distanța dintre design și execuție, combinând o tablă albă digitală cu un mediu de dezvoltare în cloud. Acest lucru permite utilizatorilor să realizeze planificarea vizuală a software-ului și idearea tehnică, legând schițele de pe o interfață interactivă direct de codul de implementare. Platforma oferă capabilități pentru dezvoltarea în cloud IDE și gestionarea mediilor la distanță. Aceasta include un spațiu de lucru accesibil prin browser, care se conectează la mașini virtuale în cloud pentru a executa comenzi și a gestiona fișiere de la distanță.
Provides a web interface for running commands and scripts on remote machines via persistent connections.
TacticalRMM is a remote monitoring and management platform designed for overseeing endpoints and automating IT administration. It functions as an endpoint management tool and IT automation framework, providing a centralized dashboard for executing scripts, monitoring system health, and managing remote devices across multiple tenants. The platform distinguishes itself through a comprehensive remote administration suite that includes real-time shell access, remote file management, and registry editing. It integrates with third-party remote desktop software and provides a hierarchical policy inh
Triggers the execution of library scripts on remote agents via a programmatic API.
Acest proiect este un toolkit cuprinzător pentru auditul de securitate Linux și enumerarea sistemului. Funcționează ca un framework pentru identificarea slăbiciunilor de configurare, colectarea informațiilor despre sistem și detectarea vulnerabilităților pentru a ajuta la obținerea unor niveluri mai ridicate de acces administrativ pe sistemele Linux. Toolkit-ul include capabilități specializate pentru scanarea vulnerabilităților bazată pe versiuni, care potrivește software-ul instalat cu release-urile afectate cunoscute, și monitorizarea proceselor pe intervale de timp pentru a urmări tiparele recurente ale sistemului și sarcinile periodice. Oferă, de asemenea, infrastructură pentru găzduirea și livrarea scripturilor de enumerare printr-o rețea locală pentru execuție la distanță pe mașinile țintă. Sistemul acoperă o gamă largă de domenii de analiză a securității, inclusiv scanarea pentru escaladarea privilegiilor locale, enumerarea bazată pe reguli și raportarea output-ului filtrat bazată pe nivelurile de verbozitate și categoriile definite de utilizator.
Implements the capability to download and execute analysis scripts on target machines from a remote source.
Hoaxshell is a command and control system for Windows remote command execution. It provides a framework for generating and managing reverse shell payloads that utilize an HTTP beaconing protocol, where victim clients periodically poll a handler to receive and execute instructions. The project distinguishes itself through its ability to bypass PowerShell Constrained Language Mode using specialized payload generation. It supports encrypted command and control via TLS certificate injection and provides mechanisms for remote session recovery, allowing a handler to reestablish control over active
Implements specialized PowerShell payload construction to bypass Constrained Language Mode restrictions on hardened Windows systems.
OffensiveNim is a red teaming framework and post-exploitation toolkit developed in Nim. It provides a collection of low-level primitives and a Windows API wrapper designed for offensive security operations, including malware development and shellcode loading. The project focuses on evasion and obfuscation through techniques such as API unhooking, direct system calls, and anti-debugging mechanisms. It features diverse payload delivery methods, including reflective binary loading, the execution of .NET assemblies via CLR hosting, and various shellcode injection techniques using fibers, COM obje
Fetches scriptlet files from remote URLs and executes them through the system's script component runtime.
Phantom-Evasion este un framework de cercetare în securitate conceput pentru generarea de payload-uri obfuscate și automatizarea sarcinilor post-exploatare în timpul evaluărilor de securitate autorizate. Acesta oferă o suită de utilitare pentru crearea de executabile și biblioteci personalizate menite să testeze eficacitatea sistemelor de detecție antivirus și endpoint security. Framework-ul se distinge printr-un accent pe operațiunile rezidente în memorie, permițând execuția de binare criptate și shellcode direct în memoria sistemului. Prin utilizarea unor tehnici precum injectarea de cod inutil (junk code), criptarea payload-ului și preluarea resurselor de la distanță, acesta minimizează amprenta forensică pe o mașină țintă și evită dependența de stocarea pe disc. Dincolo de generarea de payload-uri, instrumentul include capabilități pentru menținerea accesului pe termen lung la sistem prin configurarea cheilor de registru, a sarcinilor programate și a serviciilor de fundal. De asemenea, suportă operațiuni stealth prin injectarea de shellcode în procese legitime ale sistemului și automatizarea sarcinilor administrative, cum ar fi gestionarea driverelor de logare de securitate și a memoriei proceselor, pentru a facilita scenarii controlate de penetration testing.
Enables remote execution by fetching and loading encrypted executables or libraries directly into memory from a remote source.