Packages that takes advantages of exploits in other programs or services.


Tool count: 185

BlackArch exploitation
Name Version Description Homepage
aclpwn 4.81480cc Active Directory ACL exploitation with BloodHound.
adenum 36.fbbe14d A pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.
aggroargs 51.c032446 Bruteforce commandline buffer overflows, linux, aggressive arguments.
angrop 408.15616aa A rop gadget finder and chain builder.
armitage 150813 A graphical cyber attack management tool for Metasploit.
armor 5.bae27a6 A simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.
armscgen 98.c51b7d6 ARM Shellcode Generator (Mostly Thumb Mode).
arpoison 0.7 The UNIX arp cache update utility
autosploit 281.9a6a5ef Automate the exploitation of remote hosts.
backoori 55.988e507 Tool aided persistence via Windows URI schemes abuse.
bad-pdf 61.a8149ee Steal NTLM Hashes with Bad-PDF.
barq 35.6f1a68c An AWS Cloud Post Exploitation framework.
bed 0.5 Collection of scripts to test for buffer overflows, format string vulnerabilities.
beef 4479.955a0045 The Browser Exploitation Framework that focuses on the web browser.
bfbtester 2.0.1 Performs checks of single and multiple argument command line overflows and environment variable overflows
binex 1.0 Format String exploit building tool.
bitdump 34.6a5cbd8 A tool to extract database data from a blind SQL injection vulnerability.
blind-sql-bitshifting 54.5bbc183 A blind SQL injection module that uses bitshfting to calculate characters.
bloodyad 195.8638d5d An Active Directory Privilege Escalation Framework.
bluffy 47.180ed5b Convert shellcode into different formats.
botb 69.6d33aae A container analysis and exploitation tool for pentesters and engineers.
bowcaster 230.17d69c1 A framework intended to aid those developing exploits.
brosec 278.c51164f An interactive reference tool to help security professionals utilize useful payloads and commands.
camover 94.483befd A camera exploitation tool that allows to disclosure network camera admin password.
certsync 0.1.4 Dump NTDS remotely without DRSUAPI: using golden certificate and UnPAC the hash.
chw00t 39.1fd1016 Unices chroot breaking tool.
cisco-global-exploiter 1.3 A perl script that targets multiple vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products.
cisco-torch 0.4b Cisco Torch mass scanning, fingerprinting, and exploitation tool.
coercer 2.4.3 Coerce a Windows server to authenticate on an arbitrary machine through 15 methods.
cve-search v5.1.0.r4.g471ccfb A tool to perform local searches for known vulnerabilities.
cvemap v0.0.7.r121.g18672ef CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases.
darkd0rk3r 1.0 Python script that performs dork searching and searches for local file inclusion and SQL injection errors.
darkmysqli 1.6 Multi-Purpose MySQL Injection Tool
darkspiritz 6.4d23e94 A penetration testing framework for Linux, MacOS, and Windows systems.
deepce 119.c1bb2ca Docker Enumeration, Escalation of Privileges and Container Escapes.
delorean 16.0291151 NTP Main-in-the-Middle tool.
dkmc 56.3c238f0 Dont kill my cat - Malicious payload evasion tool.
dotdotpwn 3.0.2 The Transversal Directory Fuzzer.
dr-checker 140.ea63c0f A Soundy Vulnerability Detection Tool for Linux Kernel Drivers.
drinkme 19.acf1a14 A shellcode testing harness.
ducktoolkit 37.42da733 Encoding Tools for Rubber Ducky.
encodeshellcode 0.1b This is an encoding tool for 32-bit x86 shellcode that assists a researcher when dealing with character filter or byte restrictions in a buffer overflow vulnerability or some kind of IDS/IPS/AV blocking your code.
enteletaor 68.a975b5c Message Queue & Broker Injection tool that implements attacks to Redis, RabbitMQ and ZeroMQ.
entropy 702.13aac50 A set of tools to exploit Netwave and GoAhead IP Webcams.
erl-matter 53.ab793cd Tool to exploit epmd related services such as rabbitmq, ejabberd and couchdb by bruteforcing the cookie and gaining RCE afterwards.
evil-winrm v3.5.r0.g7514b05 The ultimate WinRM shell for hacking/pentesting.
evilclippy 62.fa610c6 A cross-platform assistant for creating malicious MS Office documents.
exploit-db 1.6 The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software - A collection of hacks
exploitdb 20240829 Offensive Security’s Exploit Database Archive
exploitpack 139.e565c47 Exploit Pack - The next generation exploit framework.
eyepwn 1.0 Exploit for Eye-Fi Helper directory traversal vulnerability
ffm 129.6337eaf A hacking harness that you can use during the post-exploitation phase of a red-teaming engagement.
fimap 1.00 A little tool for local and remote file inclusion auditing and exploitation
firstexecution 6.a275793 A Collection of different ways to execute code outside of the expected entry points.
flashsploit 23.c465a6d Exploitation Framework for ATtiny85 Based HID Attacks.
formatstringexploiter 107.2810293 Helper script for working with format string bugs.
fs-exploit 3.28bb9bb Format string exploit generation.
fuzzbunch 32.2b76c22 NSA Exploit framework
gadgettojscript 20.005cb8b .NET serialized gadgets that can trigger .NET assembly from JS/VBS/VBA based scripts.
getsploit 37.bcab2ee Command line utility for searching and downloading exploits.
ghostdelivery 32.a23ed5a Python script to generate obfuscated .vbs script that delivers payload (payload dropper) with persistence and windows antivirus disabling functions.
hackredis 3.fbae1bc A simple tool to scan and exploit redis servers.
hamster 2.0.0 Tool for HTTP session sidejacking.
hcraft 1.0.0 HTTP Vuln Request Crafter
heartleech 116.3ab1d60 Scans for systems vulnerable to the heartbleed bug, and then download them.
hqlmap 38.bb6ab46 A tool to exploit HQL Injections.
htexploit 0.77 A Python script that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process
htshells 89.3216523 Self contained web shells and other attacks via .htaccess files.
impacket-ba 0.11.0 Collection of classes for working with network protocols.
inception 454.4df3231 A FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP DMA.
insanity 117.cf51ff3 Generate Payloads and Control Remote Machines .
irpas 0.10 Internetwork Routing Protocol Attack Suite.
isf 68.5228865 An exploitation framework based on Python.
jboss-autopwn 1.3bc2d29 A JBoss script for obtaining remote shell access.
jndi-injection-exploit 10.2dc4018 A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability, like Jackson, Fastjson, etc.
katana-framework 1.0.0.1 A framework that seekss to unite general auditing tools, which are general pentesting tools (Network,Web,Desktop and others).
kerberoast 0.2.0.r9.g82f5bb2 Kerberoast attack -pure python-.
kernelpop 238.b3467d3 Kernel privilege escalation enumeration and exploitation framework.
killcast 30.ee81cfa Manipulate Chromecast Devices in your Network.
killerbee 398.748740d Framework and tools for exploiting ZigBee and IEEE 802.15.4 networks.
klar 2.4.0 Integration of Clair and Docker Registry.
l0l 322.1319ea7 The Exploit Development Kit.
leroy-jenkins 3.bdc3965 A python tool that will allow remote execution of commands on a Jenkins server and its nodes.
lfi-autopwn 3.0 A Perl script to try to gain code execution on a remote server via LFI
limelighter 17.d119dc7 A tool for generating fake code signing certificates or signing real ones.
lisa.py 61.2d1f81a An Exploit Dev Swiss Army Knife.
m3-gen 7.7c656cc Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass, this tool intended for adversary simulation and red teaming purpose.
marshalsec 10.2dc4018 Java Unmarshaller Security - Turning your data into code execution.
metasploit 6.4.26 Advanced open-source platform for developing, testing, and using exploit code
minimysqlator 0.5 A multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities.
miranda-upnp 1.3 A Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices
mitmf 467.0458300 A Framework for Man-In-The-Middle attacks written in Python.
moonwalk v1.0.0.r18.g68d5be1 Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
mosquito 39.fe54831 XSS exploitation tool - access victims through HTTP proxy.
myjwt 202.719b939 This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject, etc.
n1qlmap 2.5365444 An N1QL exploitation tool.
nosqli-user-pass-enum 18.1b3713a Script to enumerate usernames and passwords from vulnerable web applications running MongoDB.
ntlm-theft 26.512074d A tool for generating multiple types of NTLMv2 hash theft files.
office-dde-payloads 34.53291f9 Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
opensvp 65.df54ed8 A security tool implementing "attacks" to be able to the resistance of firewall to protocol level attack.
osueta 82.2ee8068 A simple Python script to exploit the OpenSSH User Enumeration Timing Attack.
otori 0.3 A python-based toolbox intended to allow useful exploitation of XML external entity ("XXE") vulnerabilities.
owasp-zsc 316.f763dea Shellcode/Obfuscate Code Generator.
pacu 1514.993d9ca The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
pathzuzu 64.4f4533c Checks for PATH substitution vulnerabilities and logs the commands executed by the vulnerable executables.
pblind 1.0 Little utility to help exploiting blind sql injection vulnerabilities.
phantom-evasion 103.2cd0673 Antivirus evasion tool written in python.
pirana 0.3.1 Exploitation framework that tests the security of a email content filter.
pkinittools 10.7311de8 Tools for Kerberos PKINIT and relaying to AD CS.
pmcma 1.00 Automated exploitation of invalid memory writes (being them the consequences of an overflow in a writable section, of a missing format string, integer overflow, variable misuse, or any other type of memory corruption).
pocsuite 430.877d1b1 An open-sourced remote vulnerability testing framework developed by the Knownsec Security Team.
pompem 141.3ebe768 A python exploit tool finder.
powersploit 591.d943001 A PowerShell Post-Exploitation Framework.
preeny 110.aaef77f Some helpful preload libraries for pwning stuff.
pret 108.a04bd04 Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
ps1encode 41.68d7778 A tool to generate and encode a PowerShell based Metasploit payloads.
ptf 1503.e9ff60b The Penetration Testers Framework: Way for modular support for up-to-date tools.
punk 9.c2bc420 A post-exploitation tool meant to help network pivoting from a compromised unix box.
pwncat-caleb v0.5.4.r11.g37f04d4 A post-exploitation platform.
pykek 12.651b9ba Kerberos Exploitation Kit.
python-ssh-mitm 5.0.0 SSH mitm server for security audits supporting public key authentication, session hijacking and file manipulation.
python2-ropgadget 5.9 Pythonic argument parser, that will make you smile.
rebind 0.3.4 DNS Rebinding Tool
rex 711.e97d392 Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
rext 63.5f0f626 Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices.
rfcat 170508 RF ChipCon-based Attack Toolset.
richsploit 3.6b15e0f Exploitation toolkit for RichFaces.
rmiscout 1.4 Enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities.
rombuster 223.4592b7a A router exploitation tool that allows to disclosure network router admin password.
ropeme 4.9b3a8fd A set of python scripts to generate ROP gadgets and payload.
ropgadget 7.4 Search gadgets in binaries to facilitate ROP exploitation for several file formats and architectures
ropper 1.13.10 Show information about binary files and find gadgets to build rop chains for different architectures
roputils 195.ae7ed20 A Return-oriented Programming toolkit.
routersploit 3.4.4 Open-source exploitation framework dedicated to embedded devices
rp 138.3a54a7c A full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries.
rspet 263.de4356e A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
sc-make 12.7e39718 Tool for automating shellcode creation.
scansploit 9.a0890af Exploit using barcodes, QRcodes, earn13, datamatrix.
seclists 3731.dce0b44d A collection of multiple types of lists used during security assessments.
sensepost-xrdp 16.46d6c19 A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions.
serialbrute 3.111c217 Java serialization brute force attack tool.
shellcode-compiler 26.8a25463 Compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows & Linux.
shellcode-factory 96.07ae857 Tool to create and test shellcodes from custom assembly sources.
shellcodecs 0.1 A collection of shellcode, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.
shellen 66.c0c5f83 Interactive shellcoding environment to easily craft shellcodes.
shellme 5.d5206f0 Because sometimes you just need shellcode and opcodes quickly. This essentially just wraps some nasm/objdump calls into a neat script.
shellsploit-framework 273.a16d22f New Generation Exploit Development Kit.
shellter 7.2 A dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
shocker 65.65d4d76 A tool to find and exploit servers vulnerable to Shellshock.
sickle 76.20a0f2d A shellcode development tool, created to speed up the various steps needed to create functioning shellcode.
sigploit 786.0e52072 Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP.
sigthief 25.ffb501b Stealing Signatures and Making One Invalid Signature at a Time.
sireprat 34.b8ef60b Remote Command Execution as SYSTEM on Windows IoT Core.
sjet 103.dd2a4e6 Siberas JMX exploitation toolkit.
smap 24.3ed1ac7 Shellcode mapper - Handy tool for shellcode analysis.
smtptester 13.634e1ee Small python3 tool to check common vulnerabilities in SMTP servers.
snarf-mitm 41.bada142 SMB Man in the Middle Attack Engine / relay suite.
spraykatz 62.1fb3aa7 Credentials gathering tool automating remote procdump and parse of lsass process.
sqlninja 0.2.999 A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.
sqlsus 0.7.2 An open source MySQL injection and takeover tool.
ssh-mitm 140.70998ba SSH man-in-the-middle tool.
stackflow 2.2af525d Universal stack-based buffer overfow exploitation tool.
staekka 9.57787ca This plugin extends Metasploit for some missing features and modules allowing interaction with other/custom exploits/ways of getting shell access.
subterfuge 64.69dda99 Automated Man-in-the-Middle Attack Framework.
suid3num 60.2241c9c Python script which utilizes python's built-in modules to enumerate SUID binaries.
tcpjunk 2.9.03 A general tcp protocols testing and hacking utility.
tomcatwardeployer 98.4535e64 Apache Tomcat auto WAR deployment & pwning penetration testing tool.
unibrute 1.b3fb4b7 Multithreaded SQL union bruteforcer.
venom 135.2b84e68 A Multi-hop Proxy for Penetration Testers.
viproy-voipkit 82.52b27db VoIP Pen-Test Kit for Metasploit Framework.
vmap 0.3 A Vulnerability-Exploit desktop finder.
webexploitationtool 155.85bcf0e A cross platform web exploitation toolkit.
websploit 4.0.4 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks
wesng 364.88c464c Windows Exploit Suggester - Next Generation.
wildpwn 11.4623714 Unix wildcard attacks.
wsuspect-proxy 24.89f9375 A tool for MITM'ing insecure WSUS connections.
xcat 266.faaf8fe A command line tool to automate the exploitation of blind XPath injection vulnerabilities.
xpl-search 42.d4dbc97 Search exploits in multiple exploit databases!.
xrop 83.4af7452 Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC.
xxeinjector 55.604c39a Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
xxexploiter 103.c1f0f41 It generates the XML payloads, and automatically starts a server to serve the needed DTD's or to do data exfiltration.
yinjector 0.1 A MySQL injection penetration tool. It has multiple features, proxy support, and multiple exploitation methods.
zarp 0.1.8 A network attack tool centered around the exploitation of local networks.
zeratool 48.3fb3262 Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems.
zirikatu 7.afe1d9c Fud Payload generator script.