Exploit

Tools designed to assist with the exploitation of systems

Tool

Description

Source

Armitage

GUI for Metasploit

AutoSploit

As the name might suggest, AutoSploit attempts to automate the exploitation of remote hosts.

Avet

Anti-Virus Evasion Tool

Chimera

PowerShell Obfuscation Script

espoofer

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.

Evil-WinRM

WinRM shell for hacking/pentesting. Used to connect to and use WinRM from Linux

evilginx2

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection.

fireELF

fireELF is an open-source, cross-platform fileless Linux malware framework that allows users to easily create and manage payloads.

HERCULES

Customizable Payload Generator

Invoke-Obfuscation

PowerShell Payload Obfuscation Script

KRACK-toolkit

This is a collection of scripts and tools that exploits the WPA vulnerability in Wi-Fi

Legion

Network pentest framework with GUI

Metasploit

Multipurpose attack tool

NEMESIS

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems

NoSQLMap

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database.

Offensive Wi-Fi Toolkit

This tool compiles 6 different attack modes for basic Wireless Network hacking combined with a U.I. for easy use all compacted in a minimal file size.

OfficeBreaker

OfficeBreaker is a simple program that removes the password from read-only protected files that belong to the Office Open XML format family (.pptx/.xlsx/.docx file types).

PowerLessShell

PowerLessShell relies on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe. You can also execute raw shellcode using the same approach.

PRET

Printer Exploitation Toolkit

PwnCat

NetCat on steroids

Reaver WPS

Automated exploiter for Wi-Fi WPS

routersploit

Automated exploiter for routers

SET

Social Engineering Toolkit

Seth

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials

ShellPop

Automated shellcode generator for pentests

Smuggler

An HTTP Request Smuggling / Desync testing tool written in Python 3

Smuggler (different tool)

Smuggler is a free software tool to detect and exploit HTTP Smuggling vulnerabilities

sqlmap

Semi-automatic SQL injection tool. Some features require Metasploit.

Veil Framework

Payload Encryption

Wifite2

Wi-Fi protocol analyser and attack framework

WildPwn

Tool to generate UNIX wildcard attacks

Winpayloads

"Undetectable" Windows Payload Generation

Xeexee

Undetectable reverse shell and XOR encryption with a custom key (FUD Metasploit RAT); bypasses top antivirus

ZeraTool

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems. Can be tried against Buffer Overflow challenges.
