Awesome Open Source

Programming Languages

Search results for python red team

72 search results found

Sherlock ⭐ 46,337

🔎 Hunt down social media accounts by username across social networks

Dirsearch ⭐ 11,165

Web path scanner

Theharvester ⭐ 10,249

E-mails, subdomains and names Harvester - OSINT

Caldera ⭐ 4,930

Automated Adversary Emulation Platform

Adversarial Robustness Toolbox ⭐ 4,420

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

Villain ⭐ 3,376

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Snoop ⭐ 2,530

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Silenttrinity ⭐ 2,087

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Malicious Pdf ⭐ 2,029

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Phpsploit ⭐ 2,000

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Gitgraber ⭐ 1,870

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

100 Redteam Projects ⭐ 1,661

Projects for security students

Poshc2 ⭐ 1,645

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Redteam Offensivesecurity ⭐ 1,630

Tools & Interesting Things for RedTeam Ops

Poc Bomber ⭐ 1,604

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

Netexec ⭐ 1,596

The Network Execution Tool

Roadtools ⭐ 1,540

A collection of Azure AD tools for offensive and defensive security purposes

Macro_pack ⭐ 1,420

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Sprayingtoolkit ⭐ 1,360

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Ghostwriter ⭐ 1,116

The SpecterOps project management and reporting engine

Plumhound ⭐ 958

Bloodhound for Blue and Purple Teams

Sam The Admin ⭐ 818

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Vcenterkit ⭐ 754

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

红队基础设施自动化部署工具

Slackpirate ⭐ 717

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Dumpsterfire ⭐ 709

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Octopus ⭐ 705

Open source pre-operation C2 server based on python and powershell

Red Kube ⭐ 689

Red Team K8S Adversary Emulation Based on kubectl

Blackmamba ⭐ 688

C2/post-exploitation framework

Sandman ⭐ 670

Sandman is a NTP based backdoor for red team engagements in hardened networks.

Fireelf ⭐ 620

fireELF - Fileless Linux Malware Framework

Aiodnsbrute ⭐ 579

Python 3.5+ DNS asynchronous brute force utility

Overlord ⭐ 463

Overlord - Red Teaming Infrastructure Automation

Slackor ⭐ 452

A Golang implant that uses Slack as a command and control server

Kraken, a modular multi-language webshell coded by @secu_x11

Gtfonow ⭐ 414

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

Ntlmrecon ⭐ 397

Enumerate information from NTLM authentication enabled web endpoints 🔎

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Tactics, Techniques, and Procedures

Pentesting automation platform that combines hacking tools to complete assessments

Power Pwn ⭐ 370

An offensive and defensive security toolset for Microsoft 365 Power Platform

Loobins ⭐ 366

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

Emploleaks ⭐ 352

An OSINT tool that helps detect members of a company with leaked credentials

Offensive Reverse Shell Cheat Sheet ⭐ 351

Collection of reverse shells for red team operations, penetration testing, and offensive security.

Msfmania ⭐ 321

Python AV Evasion Tools

Pinkerton ⭐ 272

🕵️ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python

Pythonmemorymodule ⭐ 265

pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory

Godgenesis ⭐ 260

A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.

Goodhound ⭐ 255

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

Slack Watchman ⭐ 252

Slack enumeration and exposed secrets detection tool

Fudgec2 ⭐ 236

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Wifi Dumper ⭐ 233

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Graphql Cop ⭐ 229

Security Auditor Utility for GraphQL APIs

Reverse Shell Cheatsheet ⭐ 218

🙃 Reverse Shell Cheat Sheet 🙃

Emailall ⭐ 216

EmailAll is a powerful Email Collect tool — 一款强大的邮箱收集工具

Sshimpanzee ⭐ 211

SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)

Gtfoblookup ⭐ 206

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

Leakscraper ⭐ 193

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

Wordlists handcrafted (and automated) with ♥

Jiraffe ⭐ 178

One stop place for exploiting Jira instances in your proximity

XENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ultimate Botnet kit.

Gitlab Watchman ⭐ 174

Finding exposed secrets and personal data in GitLab

Redditc2 ⭐ 174

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

Atomic Red Team Intelligence C2 ⭐ 163

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Fileless Elf Exec ⭐ 162

Execute ELF files without dropping them on disk

Cve 2023 46747 Rce ⭐ 159

exploit for f5-big-ip RCE cve-2023-46747

Remote Desktop Caching ⭐ 155

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Pyphisher ⭐ 154

Python tool for phishing

Wwwtree ⭐ 146

A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.

R3d Buck3t ⭐ 134

Penetration Testing, Vulnerability Assessment and Red Team Learning

Duckyspark ⭐ 127

Translator from USB-Rubber-Ducky payloads to a Digispark code.

Waterdragon ⭐ 121

WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files

Doxycannon ⭐ 111

A poorman's proxycannon and botnet, using docker, ovpn files, tor nodes, and dante socks5 proxies

Shonydanza ⭐ 110

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Synergy Httpx ⭐ 106

A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).

Murmurhash ⭐ 101

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Terry The Terraformer ⭐ 99

A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration

Preferred Network List Sniffer ⭐ 98

A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.

Mediator ⭐ 91

An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

Adfsbrute ⭐ 85

A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.

Caldera_pathfinder ⭐ 84

Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

Asnrecon ⭐ 79

ASN reconnaissance script

Redteam Infra ⭐ 78

Dorothy is a tool to test security monitoring and detection for Okta environments

Cve 2023 22960 ⭐ 77

This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.

Recon365 ⭐ 77

Gather information from an email address connected to Office 365

Search for Unix binaries that can be exploited to bypass system security restrictions.

Enumerate a target Based off of Nmap Results

Teamsenum ⭐ 73

User Enumeration of Microsoft Teams users via API

Cyberspace_map_api ⭐ 67

Use Fofa、shodan、zoomeye、360quake to collect information(e.g:domain,IP,CMS,OS)同时调用Fofa、shodan、z

Backdoros ⭐ 67

backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.

Cloud Droid ⭐ 61

Cloud Incident and Response Simulations

Tallgrass ⭐ 61

An AV exclusion enumeration tool written in Python.

Antivirus Signature Search Toolkit

Hades C2 ⭐ 55

Hades Basic Command & Control Server

Duckduckc2 ⭐ 55

A proof-of-concept C2 channel through DuckDuckGo's image proxy service

Pivot your way deeper into computer networks with SSH compromised machines.

Related Searches

Python Django (28,897)

Python Machine Learning (20,195)

Python Flask (17,643)

Python Docker (14,918)

Python Dataset (14,792)

Python Tensorflow (13,736)

Python Command Line (13,641)

Python Deep Learning (13,092)

Python Jupyter Notebook (12,976)

Python Network (11,695)

1-72 of 72 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.