Awesome Open Source

Programming Languages

Search results for cybersecurity red team

cybersecurity x

50 search results found

Caldera ⭐ 4,930

Automated Adversary Emulation Platform

Redteam Tools ⭐ 4,019

Tools and Techniques for Red Team / Penetration Testing

Villain ⭐ 3,376

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Redeye ⭐ 2,532

RedEye is a visual analytic tool supporting Red & Blue Team operations

Cloud Exploitation Framework 云环境利用框架，方便安全人员在获得 AK 的后续工作

Dismap ⭐ 1,840

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Cybersecurityrss ⭐ 1,622

CyberSecurityRSS: A collection of cybersecurity rss to make you better!

Nidhogg ⭐ 1,453

Nidhogg is an all-in-one simple to use rootkit.

Adversary_emulation_library ⭐ 1,419

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Fofa_viewer ⭐ 1,377

A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Lockdoor Framework ⭐ 1,254

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Goblin ⭐ 1,182

一款适用于红蓝对抗中的仿真钓鱼系统

Cyber Security ⭐ 1,000

My cyber security tools

Ssh Snake ⭐ 874

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Awesome List Of Secrets In Environment Variables ⭐ 722

🦄🔒 Awesome list of secrets in environment variables 🖥️

Sandman ⭐ 670

Sandman is a NTP based backdoor for red team engagements in hardened networks.

Cve 2021 44228 Poc Log4j Bypass Words ⭐ 611

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Resolvers ⭐ 536

The most exhaustive list of reliable DNS resolvers.

Offensive Resources ⭐ 498

A Huge Learning Resources with Labs For Offensive Security Players

PoC for a new sleep obfuscation technique leveraging waitable timers to evade memory scanners.

Bigbountyrecon ⭐ 471

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Powershell Red Team ⭐ 437

Collection of PowerShell functions a Red Teamer may use in an engagement

Pipeviewer ⭐ 423

A tool that shows detailed information about named pipes in Windows

Ntlmrecon ⭐ 397

Enumerate information from NTLM authentication enabled web endpoints 🔎

Exiflooter ⭐ 395

ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Pentesting automation platform that combines hacking tools to complete assessments

Bounceback ⭐ 382

↕️🤫 Stealth redirector for your red team operation security

Loobins ⭐ 366

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

Emploleaks ⭐ 352

An OSINT tool that helps detect members of a company with leaked credentials

Offensive Reverse Shell Cheat Sheet ⭐ 351

Collection of reverse shells for red team operations, penetration testing, and offensive security.

Venom is a library that meant to perform evasive communication using stolen browser socket

RPC Monitor tool based on Event Tracing for Windows

Goodhound ⭐ 255

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

Slack Watchman ⭐ 252

Slack enumeration and exposed secrets detection tool

Fudgec2 ⭐ 236

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.

Satellite ⭐ 216

easy-to-use payload hosting

Cypheroth ⭐ 202

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Jormungandr ⭐ 201

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Mrkaplan ⭐ 200

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

Kunge Cybersecurity Learning ⭐ 175

全网首创，坤哥网安学习法，最屌没有之一

Gitlab Watchman ⭐ 174

Finding exposed secrets and personal data in GitLab

Redditc2 ⭐ 174

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

Pentesting Bugbounty ⭐ 162

Bringing infosec community, group and leaders together that solve community challenges, problems, create cultural and provide value to Infosec community.

A robust Red Team proxy written in Go.

Skanuvaty ⭐ 140

Dangerously fast DNS/network/port scanner

The_hive ⭐ 137

My public notes about offensive security

FOFA EX 是一款基于fofa api（也可导入鹰图、夸克文件）实现的红队综合利用工具，可基于模板把工具作为插件进行集成，自动化进行 nuclei 模板扫描、IP反查域名、域名反查 ICP 备案、dismap 指纹扫描

Murmurhash ⭐ 101

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Htmlsmuggler ⭐ 100

✉️ HTML Smuggling generator&obfuscator for your Red Team operations

Preferred Network List Sniffer ⭐ 98

A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.

Lazypariah ⭐ 90

A tool for generating reverse shell payloads on the fly.

Nist To Tech ⭐ 88

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Turbo Attack ⭐ 87

A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.

Deserter ⭐ 84

A targeted DNS cache poisoner

Caldera_pathfinder ⭐ 84

Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

Impulsivedllhijack ⭐ 81

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Cve 2022 0337 Poc Google Chrome Microsoft Edge Opera ⭐ 79

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

Dorothy is a tool to test security monitoring and detection for Okta environments

Recon365 ⭐ 77

Gather information from an email address connected to Office 365

Controlcompass.github.io ⭐ 76

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

Enumerate a target Based off of Nmap Results

Awesome Cyber ⭐ 65

A curated list of tools useful within the field of cyber security, for both blue and red team operations.

Reversepowershell ⭐ 63

Functions that can be used to gain Reverse Shells with PowerShell

Tallgrass ⭐ 61

An AV exclusion enumeration tool written in Python.

Red Team Curation List ⭐ 60

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Pivot your way deeper into computer networks with SSH compromised machines.

Bumblecrypt ⭐ 50

A Bumblebee-inspired Crypter

Cybersecurity Red Team ⭐ 49

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Red Team (Offensive) in Cybersecurity.

Cybersecurity_conferences ⭐ 48

List of some cybersecurity conferences

Remote Command executor

Gomalleable ⭐ 47

🔎🪲 Malleable C2 profiles parser and assembler written in golang

Process Hollowing Redteamops ⭐ 46

Red Team Operation's Defense Evasion Technique.

Sherlock ⭐ 46

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Exfilkit ⭐ 44

Data exfiltration utility for testing detection capabilities

The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.

Pentest Resources Cheat Sheets ⭐ 33

This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-ups, tools, techniques, programming/scripting notes, and more. I documented them in this repo to provide like-minded offensive security enthusiasts and professionals easy access to these valuable resources.

Do1ng 个人维护的安全知识框架, 包括但不限于渗透测试、信息收集、安全工具等相关资源

Sharpcghunter ⭐ 29

Receive the status of Windows Defender Credential Guard on network hosts.

Cve 2018 4407 ⭐ 29

IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]

Github Watchman ⭐ 26

Monitoring GitHub for sensitive data shared publicly

Sphinx.bot ⭐ 24

Sphinx.bot is a platform for collecting data leaks. All information recorded here is publicly available on the web. Any malicious use of this information is strictly prohibited.

Red Team Essentials ⭐ 22

This repo will contain some basic pentest/RT commands.

Web Scanner ⭐ 17

Escaner WEB que tiene como objetivo sacar toda la información posible como IP, CMS, Usuarios, posibles correos, rendimiento de la URL, Puertos Abiertos, Subdirectorios ... Etc.

Osintbookmarks ⭐ 16

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Thecollective ⭐ 16

The Collective. A repo for a collection of red team and/or pen test projects found mostly on Github. https://github.com/ceramicskate0/TheCollective #infosec #redteaming #pentest

Behold3r ⭐ 15

收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.

Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.

Dnsupdate ⭐ 11

A python based script to update DNS entries in ADIDNS

Awsrecon ⭐ 11

Tool for reconnaissance of AWS cloud environments

Cybersecurity References ⭐ 11

A collection of cheat sheets and power commands.

C2 Cloud ⭐ 10

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.

Explorationc2 ⭐ 10

Exploration around command and control (C2) and related subjects.

Every Hacker's Go to Fuzzing List. Introducing the Ultimate Fuzzing Directory: Your Go-To Resource for Penetration Testers and Bug Bounty Hunters! Unlock the power of comprehensive fuzzing with our meticulously curated Fuzzing Directory, a one-stop solution designed to streamline your penetration testing and bug bounty hunting endeavors.

Goblyn is a Python tool focused to enumeration and capture of website files metadata.

Automated Cme Password Spraying ⭐ 9

A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout Threshold and a Reset Account Lockout Counter.

Awesome Recon Tools ⭐ 9

A compiled list of tools for reconnaissance and footprinting

Related Searches

Python Cybersecurity (819)

Security Cybersecurity (402)

1-50 of 50 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.