Post exploitation tools

Tools

arpag (automatic exploiting tool)

penetration testing, security awareness, service exploitation

Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.

AutoSploit (automated host exploitation)

service exploitation, system exploitation

AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.

RemoteRecon (post-exploitation framework)

offensive security, penetration testing

RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.

ShellPop (toolkit for popping shells)

penetration testing

During a penetration test, you might have an opportunity to gain shell access to a system. This tool helps with crafting the required type of reverse or bind shell for the task. PopShell also helps with encoding, staging, or switching between different protocols.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.