Search Results for "post"

Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of...

PowerHub is a PowerShell-based automation framework designed to centralize and orchestrate common administrative tasks across Windows environments. It exposes a modular command set for inventorying systems, managing services, deploying packages, and executing remote commands with consistent logging and error handling. The project places emphasis on discoverability and reuse: scripts are organized into reusable modules and functions with clear parameter contracts so teams can compose...

PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. ...

Penetration-Testing-Tools is a curated collection of tools, scripts, cheatsheets and reference materials assembled to help security researchers, red-teamers, and students perform hands-on penetration testing across multiple domains. The repository groups resources by discipline — reconnaissance, web application testing, network exploitation, privilege escalation, post-exploitation and reporting — so users can quickly find relevant utilities and walkthroughs. Many entries include short usage notes, common command examples, and links to upstream projects or writeups, turning the repo into both a toolbox and a practical learning library. The collection emphasizes tooling that is easy to run in lab environments and often points to small scripts and one-file utilities that accelerate common tasks like service discovery, credential harvesting, or privilege checks.

PowerShell-Suite is a curated collection of PowerShell utility scripts and modules created to provide low-level Windows API access, process manipulation, debugging detection, security operations, and post-exploitation techniques directly from PowerShell. The project is licensed under BSD-3-Clause. Among its components, there are scripts like Invoke-Runas (to launch processes under alternate credentials via CreateProcessWithLogonW), Invoke-CreateProcess (to spawn processes with fine control over flags, window state, etc.), Detect-Debug (to detect kernel or user mode debugging environments), Get-Handles (to enumerate handles in a process via NtQuerySystemInformation), Get-TokenPrivs (to inspect privileges on process tokens), Get-Exports (to parse DLL exports without loading DLLs), Masquerade-PEB (to alter the PEB of a process to appear as a different process), and UAC-TokenMagic (a method to bypass UAC via token manipulation).

PowerSploit is a PowerShell-based post‑exploitation framework widely used by penetration testers, red‑teamers, and security researchers. It includes modules for code execution, introspection, lateral movement, persistence, and data exfiltration—deeply integrated into Windows environments.

PowerSploit is a collection of PowerShell modules that historically served as a toolkit for post-exploitation tasks, red-team exercises, and offensive-security research—covering areas like reconnaissance, lateral movement, persistence, and situational awareness. The repository bundles many focused scripts: code to enumerate system and Active Directory information, payload generation helpers, in-memory execution utilities, and modules to interact with credentials and services.

This repository provides pre-configured Packer templates for automating the build of Windows virtual machine images (Vagrant “boxes”) for VMWare Fusion and VirtualBox. Originally based on VeeWee, it automates unattended Windows installation, provisioning, and packaging, streamlining the creation of reusable dev/test environments.