ENNAENNA

pwncat

FeaturedMIT

๐Ÿ”ฅ Offensive Ops ยท Python

pwncat is a post-exploitation platform that wraps around a standard reverse or bind shell to provide additional functionality. It automatically enumerates the target, uploads tools, manages file transfers, installs persistence mechanisms, and attempts privilege escalation - all through a single shell session. pwncat supports both Linux and Windows targets and provides a module system for extensibility. It turns a dumb shell into a full post-exploitation environment.

2.9kstars
290forks
68issues
Updated 1y ago
+I use this
View on GitHubOfficial WebsiteDocumentation

Installation

$ pip install pwncat-cs

Use Cases

  • Upgrading dumb shells to full post-exploitation platforms
  • Automated privilege escalation enumeration
  • Persistence mechanism deployment
  • File upload/download management
  • Target environment enumeration

Tags

post-exploitationreverse-shellprivescpersistenceautomationenumerationimplant-deploymentlinuxpersistanceprivilege-escalationptypwncatwindows

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
Python
License
MIT
Platforms
๐Ÿงlinux๐ŸŽmacos

Links

GitHub Repository

github.com/calebstewart/pwncat

Official Website

pwncat.readthedocs.io

Documentation

pwncat.readthedocs.io

Releases

github.com/calebstewart/pwncat/releases

Issues

github.com/calebstewart/pwncat/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

Metasploit Framework

Ruby

The world's most used penetration testing framework. Exploit development, payload delivery, post-exploitation.

Compare pwncat vs Metasploit Framework

LinPEAS

Shell

Linux privilege escalation enumeration script. Finds misconfigs, SUID bins, creds, and escalation paths.

Compare pwncat vs LinPEAS

PHPSploit

Python

Stealth post-exploitation C2 framework tunneled through PHP web servers.

Compare pwncat vs PHPSploit

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound