Orc is a simple post-exploitation written in bash (+ post-exploitation toolkit for Linux)


@superruserr At the risk of sounding like a stupid question here...

What defines a post-exploitation toolkit? And how does it differ from an exploit kit?


@nbering Toolkit does not provide exploits (ie features taking advantage of vulnerabiities for example to gain access). It packs features for after post exploitation stage (aka after you reach shell of a box).

ie the first thing you do once you get access is to enumerate (find info of the box). So the toolkit has getsec (which checks for the presence of SELinux, AppArmor, and GrSec), getspec (which prints some basic hardware information) etc.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.