Open Source Python Post-Exploitation Frameworks

Browse free open source Python Post-Exploitation Frameworks and projects below. Use the toggles on the left to filter open source Python Post-Exploitation Frameworks by OS, license, language, programming language, and project status.

  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Gen AI apps are built with MongoDB Atlas Icon
    Gen AI apps are built with MongoDB Atlas

    Build gen AI apps with an all-in-one modern database: MongoDB Atlas

    MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
    Start Free
  • 1
    Pacu

    Pacu

    The AWS exploitation framework, designed for testing security

    Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 2
    Motinha

    Motinha

    Information Gathering and Network Exploitation Framework

    Motinha is a Simple Information Gathering and Network Exploitation Framework coded in Python. Here we have a bridge between the final user and the most futurists’ tools on the Internet to find juice info around any network, website, domain, company or persons and in some cases exploit some features to have fun , now let’s Shut Up And Hack!
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    SharPyShell

    SharPyShell

    Tiny and obfuscated ASP.NET webshell for C# web applications

    SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. In this framework, you will have all the tools needed to privesc, net discovery, and lateral movement as you are typing behind the cmd of the target server.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • Next
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.