A curated collection of awesome malware, botnets, and other post-exploitation tools.
Malware is software intentionally designed to cause damage or provide unauthorized access to a computer, server, or computer network. While not exclusive, this list is heavily biased towards Free Software projects. For pre-exploitation TTPs, see awesome-pentest. For defenses, see awesome-cybersecurity-blueteam.
Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Please check the Contributing Guidelines for more details. This work is licensed under a Creative Commons Attribution 4.0 International License.
- Idisagree - Control remote computers using Discord bot and Python 3.
(Also known as Remote Access Trojan.)
- Bella - Pure Python post-exploitation data mining and remote administration tool for macOS.
- Empire - Pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture.
- EvilOSX - Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.
- Pupy - Low-footprint, cross-platform (Windows, Linux, macOS, Android) RAT written in Python, featuring an all-in-memory execution guideline.
- Adore-NG - Rootkit adapted for the 2.6 and 3.x Linux kernels.
- AdoreForAndroid - Adore rootkit ported to Android.
- Diamorphine - LKM rootkit for Linux kernels 2.6.x, 3.x, and 4.x.
- vlany - Linux LD_PRELOAD rootkit.
(Also known as webshells, one word.)
- Weevely - Extensible PHP Web shell with numerous out-of-the-box modules.
- PHP WebShells collection - Repository of common PHP Web shells, somewhat dated.