Analysis updated 2026-05-18
Run an authorized post-exploitation assessment on a Windows machine to generate a full JSON report of privileges, patches, and credential exposure.
Use Blue Team mode to send the collected report to an AI model and get a prioritized list of security gaps and remediation steps.
Check whether known privilege escalation vulnerabilities like PrintSpoofer or Zerologon are unpatched on a Windows system during a security audit.
| | niker-lixy/postex | a-bissell/unleash-lite | abhiinnovates/whatsapp-hr-assistant |
|---|---|---|---|
| Stars | 1 | 1 | 1 |
| Language | Python | Python | Python |
| Setup difficulty | easy | hard | hard |
| Complexity | 3/5 | 4/5 | 3/5 |
| Audience | ops devops | researcher | developer |
Figures from each repo's GitHub metadata at analysis time.
Windows only. Optional AI analysis requires an OpenRouter API key. For authorized security testing only.
PostEX is a Python tool for Windows that collects a comprehensive snapshot of a machine's security state during authorized penetration tests or internal security audits. It runs on a Windows system and generates a structured JSON report covering system configuration, user privileges, installed patches, network setup, and potential security weaknesses.
The tool gathers information across several categories:
- System: the operating system version, current user, privilege level, and the status of UAC (User Account Control).
- Patch coverage: which Windows updates are installed, and whether specific well-known vulnerabilities remain unpatched, including CVE-2020-0796 and CVE-2021-34527.
- Defense detection: whether Windows Defender is active, what its exclusion lists contain, and whether any of over 60 third-party endpoint security products are running.
- Network: interface addresses, the ARP table showing nearby devices, open ports and their associated processes, the DNS cache, and saved WiFi profile names.
- Credentials: saved credentials in the Windows credential manager, browser password database file locations, autologin registry entries, and PowerShell command history.
- Persistence: registry autorun keys, scheduled tasks, Windows services, and writable system folders.
After collection, the report can be sent to an AI model via OpenRouter for automatic analysis in two modes. Red Team mode suggests attack paths, privilege escalation routes, and defense evasion approaches. Blue Team mode produces a prioritized list of gaps to address, covering credential hygiene, persistence risks, and network exposure.
The README states that the tool is for authorized security testing only. It requires Python 3.10 or later and runs on Windows. The project is licensed under MIT.
A Python tool for Windows that collects a full security snapshot during authorized penetration tests, covering privileges, patches, credentials, and persistence, with optional AI-powered red or blue team analysis.
Mainly Python. The stack also includes Windows and OpenRouter.
MIT license, meaning you can use, modify, and distribute it freely for any purpose including commercial use.
Setup difficulty is rated easy, with roughly 30 minutes to a first successful run.
Mainly ops and DevOps.
Verify against the repo before relying on details.