Awesome Open Source

Programming Languages

Search results for red team

853 search results found

Payloadsallthethings ⭐ 57,656

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Sherlock ⭐ 51,469

🔎 Hunt down social media accounts by username across social networks

Bettercap ⭐ 15,874

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Dirsearch ⭐ 11,165

Web path scanner

Theharvester ⭐ 10,375

E-mails, subdomains and names Harvester - OSINT

Atomic Red Team ⭐ 8,648

Small and highly portable detection tests based on MITRE's ATT&CK.

Quasar ⭐ 8,233

Remote Administration Tool for Windows

Red Teaming Toolkit ⭐ 8,230

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Nishang ⭐ 7,771

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Sliver ⭐ 7,152

Adversary Emulation Framework

Awesome Red Teaming ⭐ 6,470

List of Awesome Red Teaming Resources

Awesome Hacker Search Engines ⭐ 6,307

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Lolbas ⭐ 6,294

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Gather and update all available and newest CVEs with their PoC.

Yakit ⭐ 5,790

Cyber Security ALL-IN-ONE Platform

Hacktools ⭐ 5,367

The all-in-one browser extension for offensive security professionals 🛠

Infosec_reference ⭐ 5,348

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

1earn ⭐ 5,065

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Caldera ⭐ 4,930

Automated Adversary Emulation Platform

Adversarial Robustness Toolbox ⭐ 4,420

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

Covenant ⭐ 4,034

Covenant is a collaborative .NET C2 framework for red teamers.

Redteam Tools ⭐ 4,019

Tools and Techniques for Red Team / Penetration Testing

Red Team Infrastructure Wiki ⭐ 3,934

Wiki to collect Red Team infrastructure hardening resources

Redteaming Tactics And Techniques ⭐ 3,852

Red Teaming Tactics and Techniques

Kubernetes Goat ⭐ 3,694

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Awesome Cobaltstrike ⭐ 3,525

CobaltStrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Viper ⭐ 3,385

Redteam operation platform with webui 图形化红队行动辅助平台

Villain ⭐ 3,376

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Discover ⭐ 3,238

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

Winpwn ⭐ 3,151

Automation for internal Windows Penetrationtest / AD-Security

Peiqi Wiki Book ⭐ 3,075

面向网络安全从业者的知识文库🍃

Kscan ⭐ 3,061

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议

Black Hat Rust ⭐ 2,662

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Redeye ⭐ 2,532

RedEye is a visual analytic tool supporting Red & Blue Team operations

Snoop ⭐ 2,530

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Awesome Mobile Security ⭐ 2,511

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Av_evasion_tool ⭐ 2,416

掩日 - 免杀执行器生成工具

Penetration Testing Tools ⭐ 2,393

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Enscan_go ⭐ 2,381

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备

Stowaway ⭐ 2,195

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Silenttrinity ⭐ 2,087

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Cloud Exploitation Framework 云环境利用框架，方便安全人员在获得 AK 的后续工作

Malicious Pdf ⭐ 2,029

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Phpsploit ⭐ 2,000

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Crossc2 ⭐ 1,974

generate CobaltStrike's cross-platform payload

Ligolo Ng ⭐ 1,950

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Venom ⭐ 1,947

Venom - A Multi-hop Proxy for Penetration Testers

Gitgraber ⭐ 1,910

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Bypassav ⭐ 1,898

This map lists the essential techniques to bypass anti-virus and EDR

Attack_range ⭐ 1,874

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Dismap ⭐ 1,840

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Ultimateapplockerbypasslist ⭐ 1,817

The goal of this repository is to document the most common techniques to bypass AppLocker.

Ezxss ⭐ 1,715

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Poshc2 ⭐ 1,714

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

100 Redteam Projects ⭐ 1,661

Projects for security students

Diamorphine ⭐ 1,639

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Redteam Offensivesecurity ⭐ 1,630

Tools & Interesting Things for RedTeam Ops

Cybersecurityrss ⭐ 1,622

CyberSecurityRSS: A collection of cybersecurity rss to make you better!

Redteam_vul ⭐ 1,612

红队作战中比较常遇到的一些重点系统漏洞整理。

Poc Bomber ⭐ 1,604

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

Netexec ⭐ 1,596

The Network Execution Tool

Pwndrop ⭐ 1,581

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Pezor ⭐ 1,579

Open-Source Shellcode & PE Packer

Lolbas ⭐ 1,572

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Roadtools ⭐ 1,540

A collection of Azure AD tools for offensive and defensive security purposes

Bashfuscator ⭐ 1,495

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Cloakify ⭐ 1,483

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Gitjacker ⭐ 1,466

🔪 :octocat: Leak git repositories from misconfigured websites

Nidhogg ⭐ 1,453

Nidhogg is an all-in-one simple to use rootkit.

Platypus ⭐ 1,442

🔨 A modern multiple reverse shell sessions manager written in go

Aggressorscripts ⭐ 1,438

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

Shad0w ⭐ 1,432

A post exploitation framework designed to operate covertly on heavily monitored environments

Macro_pack ⭐ 1,420

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Adversary_emulation_library ⭐ 1,419

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Collection Document ⭐ 1,416

Collection of quality safety articles. Awesome articles.

Venom ⭐ 1,403

venom - C2 shellcode generator/compiler/handler

Fofa_viewer ⭐ 1,377

A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

Sprayingtoolkit ⭐ 1,360

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Inceptor ⭐ 1,295

Template-Driven AV/EDR Evasion Framework

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Pi Pwnbox Rogueap ⭐ 1,263

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Lockdoor Framework ⭐ 1,254

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Vscan ⭐ 1,226

开源、轻量、快速、跨平台的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

Red_team ⭐ 1,219

Some scripts useful for red team activities

Rootkits List Download ⭐ 1,216

This is the list of all rootkits found so far on github and other sites.

Goblin ⭐ 1,182

一款适用于红蓝对抗中的仿真钓鱼系统

Security List ⭐ 1,181

If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中，如果有什么好的意见或建议，请在Issues反馈，感谢您的参与

Sessiongopher ⭐ 1,159

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Wadcoms.github.io ⭐ 1,158

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

Emp3r0r ⭐ 1,151

Linux/Windows post-exploitation framework made by linux user

Galaxy Bugbounty Checklist ⭐ 1,133

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Goofuzz ⭐ 1,119

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

Bokuloader ⭐ 1,118

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

Ghostwriter ⭐ 1,116

The SpecterOps project management and reporting engine

Attack surface mapping

Autordpwn ⭐ 1,043

The Shadow Attack Framework

Perun ⭐ 1,037

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫

Moonwalk ⭐ 1,033

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

Inventory ⭐ 1,019

Asset inventory of over 800 public bug bounty programs.

Awesome Redteam Cheatsheet ⭐ 1,017

Red Team Cheatsheet in constant expansion.

1-100 of 853 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.