Post-Exploitation

Mythic is a powerful, open-source post-exploitation framework that offers red teamers and pen testers an extensible and customizable platform with numerous modules, agents, and C2 profiles to enhance their engagements and achieve objectives in various target environments.

This article provides a comprehensive guide to using Covenant, a powerful command and control framework for red teaming and post-exploitation operations.

This comprehensive guide explores Nishang, a collection of PowerShell scripts designed for penetration testing and red teaming, covering PowerShell basics, Nishang modules, advanced techniques, real-world applications, and modern evasion methods.

Though legacy in name, Empire established the blueprint for modern C2. We explore the BC-Security fork, listeners, stagers, and how to operate a PowerShell-heavy campaign.

A comprehensive guide to PowerSploit, the powerful PowerShell framework for offensive security operations, covering all modules, real-world attack scenarios, detection evasion techniques, and integration with modern red team workflows.

A massive, comprehensive deep-dive into the Metasploit Framework for professional red teamers. Learn how to manage workspaces, master advanced Meterpreter extensions like Kiwi and Incognito, understand payload internals (Staged vs. Non-Staged), automate listeners with Resource Scripts, and pivot through complex networks.

A comprehensive deep-dive into advanced Windows command-line tools. Learn how to leverage modern binaries like curl and tar, abuse legacy tools for download and execution, and perform stealthy data theft and persistence without triggering alerts.