Search Results for "post"
Sort By:
Showing 25 open source projects for "post"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
1
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. ... -
2
Toutatis
Extract public Instagram account information from usernames
Toutatis is an open source command-line tool designed to extract publicly available information from Instagram accounts. It helps users gather various data points from a target profile by querying Instagram using a username or account ID. The tool can retrieve details such as profile metadata, follower counts, biography information, and other publicly accessible account attributes. In addition to basic profile data, Toutatis can also reveal contact details that may be publicly exposed,... -
3
Instagram OSINT Tool
Instagram OSINT tool for gathering profile data and public posts
...It collects various attributes such as the username, profile name, follower counts, account status indicators, and profile metadata. In addition to profile information, it can also retrieve post-related data and download publicly available images associated with an account. The results are saved locally in structured formats such as JSON-style data inside text files, making them easy to analyze or integrate into other applications. InstagramOSINT also exposes a Python API so developers can import the functionality. -
4
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
Atera - an All-in-one platform for IT managementYour IT essentials, integrated & elevated. Take your IT management from automated to autonomous, download Atera's agent to start your free trial!
-
5
Django Hijack
With Django Hijack, admins can log in and work on behalf of others
...This version provides a security-first design, easy integration, customization, out-of-the-box Django admin support and dark mode. It is a complete rewrite and all former APIs are broken. A form is used to perform a POST including a CSRF-token for security reasons. The field user_pk is mandatory and the value must be set to the target users' primary key. The optional field next determines where a user is forwarded after a successful hijack. If not provided, users are forwarded to the LOGIN_REDIRECT_URL. Do not forget to load the hijack template tags to use the can_hijack filter. ... -
6
ufonet
UFONet - Denial of Service Toolkit
UFONet - Is a set of hacktivist tools that allow launching coordinated DDoS and DoS attacks and combine both in a single offensive. It also works as an encrypted DarkNET to publish and receive content by creating a global client/server network based on a direct-connect P2P architecture. + FAQ: https://ufonet.03c8.net/FAQ.html -------------------------------------------- -> UFONet-v2.0 [R3D] "R3DST4R!" (.zip) -> md5 = [98fcd2bd3bba3f1d52738113522d3bc9] -> UFONet-v2.0 [R3D]... -
7
CrackMapExec
A swiss army knife for pentesting networks
CrackMapExec (CME) is a versatile post-exploitation and enumeration tool designed for pentesters and red teams to assess Active Directory environments. It supports credential spraying, command execution, file transfers, and module-based extensions across SMB, RDP, LDAP, and other protocols. CME provides automation and insight into Windows networks and is commonly used during lateral movement and domain enumeration phases. -
8
Shennina
Automating Host Exploitation with AI
...Shennina scans a set of input targets for available network services, uses its AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets. If the attack succeeds, Shennina proceeds with the post-exploitation phase. The AI engine is initially trained against live targets to learn reliable exploits against remote services. Shennina also supports a "Heuristics" mode for identfying recommended exploits. -
9
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. ... -
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
10
PyExfil
A Python Package for Data Exfiltration
PyExfil was born as a PoC and kind of a playground and grew to be something a bit more. In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a... -
11
BlackMamba
C2/post-exploitation framework
Black Mamba is a Command and Control (C2) that works with multiple connections at same time. It was developed with Python and with Qt Framework and have multiple features for a post-exploitation step. -
12
phpsploit
Full-featured C2 framework which silently persists on webserver
Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large... -
13
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead. -
14
PivotSuite
Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was... -
15
ImpraStorage
ImpraStorage provided a private imap access to store large files
ImpraStorage provided a private imap access to store large files. Each file stored on the server is split in severals random parts. Each part also contains random noise data (lenght depends on a crypt key) to ensure privacy and exclude easy merge without the corresponding key. An index of files stored is encrypt (with the symmetric-key algorithm Kirmah) and regularly updated. Once decrypt, it permit to perform search on the server and download each part. transfert process is... -
16
Mole
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible. -
17
Falcon Attacker
Interesting multithreaded, customizable, simple denial of service tool
Falcon Atttacker DoS Tool. Features: Choosable DNS/IP, PORT, Page, Server Timeout, Threads, Time Between Headers. POST attacks, GET attacks, TCP flood, ICMP flood, modem hangup ping exploit flood, DNS-to-IP option for less bandwidth, speeds, other stuff, Multithreaded, Simple question/answer style attack control, comprehensive attack options. BTC: 1LGJhVQeJZ1RQXjkm3VWdJxE4Gz88tk2Y2 -
18
Cyberbit
Visual Cryptography and Bit-Plane Complexity Segmentation in Python
...Any of the two shares will be embedded into a "normal" image file called by tradition <<vessel>>. You can use a method of hand to send the two vessels to your correspondent. For instance you can post one vessel image on facebook. The other vessel image can be sent as an attachment of an e-mail. The vessel images can be 8-bit gray-level images or 24-bit deep true-color images. Anyone who can correctly spot the two vessels and knows the dimensions of the image containing the secret message will be able to decrypt the secret message using the Cyberbit application. -
19
Motinha
Information Gathering and Network Exploitation Framework
Motinha is a Simple Information Gathering and Network Exploitation Framework coded in Python. Here we have a bridge between the final user and the most futurists’ tools on the Internet to find juice info around any network, website, domain, company or persons and in some cases exploit some features to have fun , now let’s Shut Up And Hack! -
20
Spondulas
Spondulas is browser emulator designed to retrieve web pages for hunti
Spondulas is browser emulator and parser designed to retrieve web pages for hunting malware. It supports generation of browser user agents, GET/POST requests, and SOCKS5 proxy. It can be used to parse HTML files sent via e-mail. Monitor mode allows a website to be monitored at intervals to discover changes in DNS or content over time. Autolog mode creates an investigation file that documents redirection chains. The retrieved web pages are parsed for links and reported to an output file. ... -
21
Proxy server that performs proof of concept session hijacking by receiving cookies from one or more NomNom Agents. It then offers the user an option to switch to any intercepted session. More features and site specific options later.
-
22
ExploitMyUnion is a tool written in Python with a PyQt user interface made to automate sql injection exploitation.
-
23
A reverse HTTP shell to execute commands on remote machines behind firewalls. Once you run the script on the target machine, it periodically polls its designated server for commands to execute. Traffic traverses firewall as outgoing GET/POST requests.
-
24
Intersect Framework
Post-Exploitation Framework
Post-exploitation framework written in Python. Aims to assist penetration testers in building scripts and automating many post-exploitation, information gathering and data exfiltration tasks. -
25
FileProtectorExample
EaseFilter File Access Controk SDK
...It includes a high-performance file system filter driver that intercepts and manages all file I/O operations in real time, giving developers deep, granular control far beyond what is possible with standard Windows APIs or Access Control Lists (ACLs). The EaseFilter Control Filter Driver provides a powerful method for intercepting file I/O operations at both the pre-operation and post-operation stages. This dual-layered interception enables comprehensive monitoring and enforcement of file access policies.
- Previous
- You're on page 1
- Next
