Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
☆2,448May 6, 2024Updated last year
Alternatives and similar repositories for phpsploit
Users that are interested in phpsploit are comparing it to the libraries listed below
Sorting:
- Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C☆8,943Mar 22, 2024Updated last year
- A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks☆1,437Nov 3, 2018Updated 7 years ago
- Attack Surface Management Platform☆9,418Feb 15, 2026Updated 2 weeks ago
- Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po…☆3,900Jan 24, 2024Updated 2 years ago
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,640Feb 22, 2026Updated last week
- Automation for internal Windows Penetrationtest / AD-Security☆3,644Aug 28, 2025Updated 6 months ago
- Weaponized web shell☆3,486Oct 1, 2025Updated 5 months ago
- Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns☆1,560Nov 14, 2023Updated 2 years ago
- Undetectable Windows Payload Generation☆1,607Nov 8, 2022Updated 3 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,167Sep 29, 2021Updated 4 years ago
- Privilege Escalation Project - Windows / Linux / Mac☆2,602Oct 4, 2024Updated last year
- Covenant is a collaborative .NET C2 framework for red teamers.☆4,620Jul 18, 2024Updated last year
- A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.☆2,090Nov 20, 2025Updated 3 months ago
- Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and et…☆11,052Mar 17, 2024Updated last year
- Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.☆5,504Apr 17, 2025Updated 10 months ago
- macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other f…☆2,301Aug 15, 2024Updated last year
- Payload Generation Framework☆1,972Aug 21, 2024Updated last year
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,779Apr 25, 2024Updated last year
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,043Nov 24, 2019Updated 6 years ago
- An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR☆2,322Dec 6, 2023Updated 2 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,822Mar 17, 2021Updated 4 years ago
- A collaborative, multi-platform, red teaming framework☆4,318Feb 19, 2026Updated last week
- Wiki to collect Red Team infrastructure hardening resources☆4,450Oct 1, 2025Updated 5 months ago
- Windows Event Log Killer☆1,810Sep 21, 2023Updated 2 years ago
- FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns,…☆1,408Jan 9, 2024Updated 2 years ago
- Python / C# Unmanaged PowerShell based RAT☆771Mar 29, 2023Updated 2 years ago
- CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.☆2,779Oct 26, 2024Updated last year
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆10,150Sep 29, 2025Updated 5 months ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,818Jan 19, 2020Updated 6 years ago
- SharpSploit is a .NET post-exploitation library written in C#☆1,861Aug 12, 2021Updated 4 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,548Aug 2, 2019Updated 6 years ago
- Find exploits in local and online databases instantly☆1,809Sep 27, 2021Updated 4 years ago
- AntiVirus Evasion Tool☆1,741Apr 23, 2025Updated 10 months ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,528Jun 30, 2023Updated 2 years ago
- DKMC - Dont kill my cat - Malicious payload evasion tool☆1,418Jul 20, 2020Updated 5 years ago
- Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.☆948May 8, 2019Updated 6 years ago
- Automated NoSQL database enumeration and web application exploitation tool.☆3,238Feb 20, 2026Updated last week
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago