Search Results for "payload"

This project is a framework that provides an implementation of JWS JSON Web Signature (RFC 7515), JWE JSON Web Encryption (RFC 7516), JWK JSON Web Key (RFC 7517), JWA JSON Web Algorithms (RFC 7518), JWT JSON Web Token (RFC 7519), JSON Web Key Thumbprint (RFC 7638), Unencoded Payload Option (RFC7797).

drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. drozer provides tools to help you use, share and understand public Android exploits. It helps you to deploy a drozer Agent to a device through exploitation or social engineering. Using weasel (MWR's advanced exploitation payload) drozer is able to maximise the permissions available to it by installing a full agent, injecting a limited agent into a running process, or connecting a reverse shell to act as a Remote Access Tool (RAT).

...Avoid passing objects to the component's public properties if possible. Use primitive types: strings, integers, arrays, etc. That's because Livewire serializes/deserializes your component's payload with each request to the server to share the state between the frontend & backend. If you need to work on objects, you can create them inside a method or computed property, and then return the result of the processing.

Support CobaltStrike's security assessment of other platforms (Linux/MacOS/...), and include the development support of Unix post-penetration module.

0xsp mongoose red version is provided to assist your needs during cyber security simulation, by using this version you will be able to audit a targeted Windows operation system for system vulnerabilities, misconfiguration, and privilege escalation attacks and replicate the tactics and techniques of an advanced adversary in a network. With node js support for web application API, it becomes much easier for installation and customization in a timely manner, the windows sensor agent will...

...A dropper is a type of malware used to download and install additional malicious software, and this framework focuses on making that process more flexible and difficult to detect. It provides a wide range of modules that allow users to customize payload delivery, persistence mechanisms, and execution methods. The framework includes features such as antivirus evasion, privilege escalation, and system persistence, enabling it to maintain access on compromised systems. It also incorporates techniques to avoid forensic analysis, such as self-deletion and cleaning traces after execution. ...

JSON Object Signing and Encryption Framework (JWT, JWS, JWE, JWA, JWK, JWKSet and more)

LeeGo is a lightweight Swift framework that helps you decouple & modularise your UI component into small pieces of LEGO-style's bricks, to make UI development declarative, configurable and highly reusable. We all know that MVC pattern has some serious problems when dealing with a complex iOS project. Fortunately, there are also a bunch of approaches that aim to fix the problems, most of them mainly address the Controller part, such as MVP, MVVM, MVSM or VIPER. But there is barely a thing...

...It provides a modular architecture—payloads, encoders, exploits, auxiliaries, and post-exploitation modules—so security professionals can piece together complex attack chains or test defensive controls in realistic ways. Built-in features include an exploit database, network scanners, credential harvesters, and frameworks to craft reliable payload delivery while handling target nuances like mitigation bypasses and platform differences. Beyond raw exploitation, the framework includes post-exploitation tooling for lateral movement, persistence, data exfiltration simulations, and evidence collection, enabling red teams to exercise detection and incident response workflows.

PowerSploit is a collection of PowerShell modules that historically served as a toolkit for post-exploitation tasks, red-team exercises, and offensive-security research—covering areas like reconnaissance, lateral movement, persistence, and situational awareness. The repository bundles many focused scripts: code to enumerate system and Active Directory information, payload generation helpers, in-memory execution utilities, and modules to interact with credentials and services. Because the modules can be used to both demonstrate weaknesses and to exploit them, the project is typically referenced in threat emulation, penetration testing, and defensive research to understand attacker capabilities. Responsible use centers on authorized assessments: defenders use the toolkit to validate monitoring and detection, while operators apply its lessons to patch, harden, and instrument systems.

PHP 5.3+ compatible framework set to run on Apache. Its a standard MVC style framework with Plugins and Bins (payload style packaging).