Post-Exploitation Tools

267 tools
convoC2
convoC2
Open Source Post-Exploitation

C2 infrastructure over Microsoft Teams.
Covenant
Covenant
Open Source Exploitation Post-Exploitation

.NET-based C2 framework with a collaborative web interface. Uses .NET Grunts as implants, supports a rich task library, and integrates with …
Covenant
Covenant
Open Source Kali Exploitation Post-Exploitation

Covenant is a collaborative .NET C2 framework for red teamers.
cracke-dit
cracke-dit
Open Source Password Attacks Post-Exploitation

cracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
CrackMapExec (CME / NetExec)
CrackMapExec (CME / NetExec)
Open Source Kali Exploitation Post-Exploitation

Swiss army knife for pentesting Windows/Active Directory environments. Tests credentials at scale, executes commands, dumps credentials, and…
CS-Aggressor-Kit
CS-Aggressor-Kit
Open Source Exploitation Post-Exploitation

Homemade Aggressor scripts kit for Cobalt Strike
CVE-2023-22515
CVE-2023-22515
Free Exploitation Post-Exploitation

CVE-2023-22515: Confluence Broken Access Control Exploit
CVE-2025-32463_chwoot
CVE-2025-32463_chwoot
Open Source Exploitation Post-Exploitation

Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463
Cybersecurity-Notes
Cybersecurity-Notes
Open Source Forensics Post-Exploitation

Cybersecurity Notes For Intermediate and Advanced Hackers | CEH Exam Prep Also Included
D3m0n1z3dShell
D3m0n1z3dShell
Open Source Exploitation Post-Exploitation

Demonized Shell is an Advanced Tool for persistence in linux.
darkflare
darkflare
Free Post-Exploitation

DarkFlare Firewall Piercing (TCP over CDN)
DeadPotato
DeadPotato
Open Source Post-Exploitation

DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM…
deepce
deepce
Open Source Exploitation Post-Exploitation

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
DeimosC2
DeimosC2
Open Source Exploitation Post-Exploitation

DeimosC2 is a Golang command and control framework for post-exploitation.
deutsch-lernen-goethe-a1-c2
deutsch-lernen-goethe-a1-c2
Free Post-Exploitation

Free Goethe-Zertifikat study materials for all CEFR levels (A1–C2) — vocabulary, grammar, reading, listening, speaking, writing, and mock ex…
DLLHijackHunter
DLLHijackHunter
Open Source Exploitation Post-Exploitation

Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.
DllShimmer
DllShimmer
Free Exploitation Post-Exploitation

Weaponize DLL hijacking easily. Backdoor any function in any DLL.
DNS-Tunnel-Keylogger
DNS-Tunnel-Keylogger
Open Source Post-Exploitation Reconnaissance

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.
DoubleTeam
DoubleTeam
Free Post-Exploitation

Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports
DSInternals
DSInternals
Open Source Post-Exploitation Reconnaissance

Directory Services Internals (DSInternals) PowerShell Module and Framework
dystopia-c2
dystopia-c2
Open Source Post-Exploitation

Windows Remote Administration Tool that uses Discord, Telegram and GitHub as C2s
eCPPTv3-Notes
eCPPTv3-Notes
Open Source Exploitation Post-Exploitation

INE/eLearnSecurity Certified Professional Penetration Tester (eCPPT) / PTP v2 and v3 Notes
emp3r0r
emp3r0r
Open Source Exploitation Post-Exploitation

Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport
enumdb
enumdb
Open Source Password Attacks Post-Exploitation

Relational database brute force and post exploitation tool for MySQL and MSSQL