Initial-Pwn-Framework is a offensive-security framework that focuses entirely on client-side attack vectors used to gain initial access in real-world environments. It brings together a wide range of techniques commonly employed in red teaming, phishing campaigns, malware delivery.
This framework is designed to serve as a go-to reference and toolkit for penetration testers, red teamers, during pre-exploitation stages, where user interaction or endpoint vulnerabilities are leveraged to compromise systems.
Malicious Documents & File-Based Delivery:
- Windows Shortcut Files
- HTML Smuggling Attack
- Malicious Office Documents
- Microsoft HTML Application
- Compiled HTML Help File
- Malicious PDF Files
- Disk Image Files
External Devices & Physical Access:
- Coming soon !
Network-Based Attacks:
- Coming soon !
Phishing & Social Engineering:
- Coming soon !
Malicious Documents & File-Based Delivery:
- Coming soon !
Network-Based Attacks:
- Coming soon !
The developer of this project are not responsible for any misuse or damage caused by this framework.
Feel free to open issues, submit pull requests, or suggest new modules. Whether you're adding a new module, adding payloads, improving code structure or enhancing documentation contributions are welcome.
you'll find instructions on how to contribute here.