Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for python red team
python
x
red-team
x
72 search results found
Sherlock
⭐
46,337
🔎 Hunt down social media accounts by username across social networks
Dirsearch
⭐
11,165
Web path scanner
Theharvester
⭐
10,249
E-mails, subdomains and names Harvester - OSINT
Caldera
⭐
4,930
Automated Adversary Emulation Platform
Adversarial Robustness Toolbox
⭐
4,420
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Villain
⭐
3,376
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Snoop
⭐
2,530
Snoop — инструмент разведки на основе открытых данных (OSINT world)
Silenttrinity
⭐
2,087
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Malicious Pdf
⭐
2,029
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Phpsploit
⭐
2,000
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Gitgraber
⭐
1,870
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
100 Redteam Projects
⭐
1,661
Projects for security students
Poshc2
⭐
1,645
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Redteam Offensivesecurity
⭐
1,630
Tools & Interesting Things for RedTeam Ops
Poc Bomber
⭐
1,604
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
Netexec
⭐
1,596
The Network Execution Tool
Roadtools
⭐
1,540
A collection of Azure AD tools for offensive and defensive security purposes
Macro_pack
⭐
1,420
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Sprayingtoolkit
⭐
1,360
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Ghostwriter
⭐
1,116
The SpecterOps project management and reporting engine
Plumhound
⭐
958
Bloodhound for Blue and Purple Teams
Sam The Admin
⭐
818
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
Vcenterkit
⭐
754
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
Luwu
⭐
739
红队基础设施自动化部署工具
Slackpirate
⭐
717
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Dumpsterfire
⭐
709
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Octopus
⭐
705
Open source pre-operation C2 server based on python and powershell
Red Kube
⭐
689
Red Team K8S Adversary Emulation Based on kubectl
Blackmamba
⭐
688
C2/post-exploitation framework
Sandman
⭐
670
Sandman is a NTP based backdoor for red team engagements in hardened networks.
Fireelf
⭐
620
fireELF - Fileless Linux Malware Framework
Aiodnsbrute
⭐
579
Python 3.5+ DNS asynchronous brute force utility
Overlord
⭐
463
Overlord - Red Teaming Infrastructure Automation
Slackor
⭐
452
A Golang implant that uses Slack as a command and control server
Kraken
⭐
438
Kraken, a modular multi-language webshell coded by @secu_x11
Gtfonow
⭐
414
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Dome
⭐
412
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Ntlmrecon
⭐
397
Enumerate information from NTLM authentication enabled web endpoints 🔎
Spoofy
⭐
394
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Ttps
⭐
388
Tactics, Techniques, and Procedures
Rekono
⭐
385
Pentesting automation platform that combines hacking tools to complete assessments
Power Pwn
⭐
370
An offensive and defensive security toolset for Microsoft 365 Power Platform
Loobins
⭐
366
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
Emploleaks
⭐
352
An OSINT tool that helps detect members of a company with leaked credentials
Offensive Reverse Shell Cheat Sheet
⭐
351
Collection of reverse shells for red team operations, penetration testing, and offensive security.
Msfmania
⭐
321
Python AV Evasion Tools
Pinkerton
⭐
272
🕵️ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python
Pythonmemorymodule
⭐
265
pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Godgenesis
⭐
260
A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.
Goodhound
⭐
255
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
Slack Watchman
⭐
252
Slack enumeration and exposed secrets detection tool
Fudgec2
⭐
236
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Wifi Dumper
⭐
233
This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.
Graphql Cop
⭐
229
Security Auditor Utility for GraphQL APIs
Reverse Shell Cheatsheet
⭐
218
🙃 Reverse Shell Cheat Sheet 🙃
Emailall
⭐
216
EmailAll is a powerful Email Collect tool — 一款强大的邮箱收集工具
Sshimpanzee
⭐
211
SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
Gtfoblookup
⭐
206
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).
Leakscraper
⭐
193
LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Dart
⭐
185
DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
Brutas
⭐
180
Wordlists handcrafted (and automated) with ♥
Jiraffe
⭐
178
One stop place for exploiting Jira instances in your proximity
Xena
⭐
175
XENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ultimate Botnet kit.
Gitlab Watchman
⭐
174
Finding exposed secrets and personal data in GitLab
Redditc2
⭐
174
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
Atomic Red Team Intelligence C2
⭐
163
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Fileless Elf Exec
⭐
162
Execute ELF files without dropping them on disk
Cve 2023 46747 Rce
⭐
159
exploit for f5-big-ip RCE cve-2023-46747
Remote Desktop Caching
⭐
155
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Pyphisher
⭐
154
Python tool for phishing
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
R3d Buck3t
⭐
134
Penetration Testing, Vulnerability Assessment and Red Team Learning
Duckyspark
⭐
127
Translator from USB-Rubber-Ducky payloads to a Digispark code.
Waterdragon
⭐
121
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对
Juumla
⭐
114
🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files
Doxycannon
⭐
111
A poorman's proxycannon and botnet, using docker, ovpn files, tor nodes, and dante socks5 proxies
Shonydanza
⭐
110
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Synergy Httpx
⭐
106
A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
Murmurhash
⭐
101
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Terry The Terraformer
⭐
99
A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
Preferred Network List Sniffer
⭐
98
A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
Mediator
⭐
91
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Adfsbrute
⭐
85
A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.
Caldera_pathfinder
⭐
84
Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
Asnrecon
⭐
79
ASN reconnaissance script
Redteam Infra
⭐
78
Dorothy
⭐
78
Dorothy is a tool to test security monitoring and detection for Okta environments
Cve 2023 22960
⭐
77
This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.
Recon365
⭐
77
Gather information from an email address connected to Office 365
Gtfo
⭐
76
Search for Unix binaries that can be exploited to bypass system security restrictions.
Recon
⭐
73
Enumerate a target Based off of Nmap Results
Teamsenum
⭐
73
User Enumeration of Microsoft Teams users via API
Cyberspace_map_api
⭐
67
Use Fofa、shodan、zoomeye、360quake to collect information(e.g:domain,IP,CMS,OS)同时调用Fofa、shodan、z
Backdoros
⭐
67
backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
Cloud Droid
⭐
61
Cloud Incident and Response Simulations
Tallgrass
⭐
61
An AV exclusion enumeration tool written in Python.
Sf2
⭐
60
Antivirus Signature Search Toolkit
Hades C2
⭐
55
Hades Basic Command & Control Server
Duckduckc2
⭐
55
A proof-of-concept C2 channel through DuckDuckGo's image proxy service
Puwr
⭐
54
Pivot your way deeper into computer networks with SSH compromised machines.
Related Searches
Python Django (28,897)
Python Machine Learning (20,195)
Python Flask (17,643)
Python Docker (14,918)
Python Dataset (14,792)
Python Tensorflow (13,736)
Python Command Line (13,641)
Python Deep Learning (13,092)
Python Jupyter Notebook (12,976)
Python Network (11,695)
1-72 of 72 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.