Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for redteam tools
redteam-tools
x
124 search results found
Scanners Box
⭐
8,001
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Traitor
⭐
6,329
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Yakit
⭐
5,790
Cyber Security ALL-IN-ONE Platform
Villain
⭐
3,376
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Dismap
⭐
1,840
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Mortar
⭐
1,216
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Goblin
⭐
1,182
一款适用于红蓝对抗中的仿真钓鱼系统
Moonwalk
⭐
1,033
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
Berylenigma
⭐
573
ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集,用来进行渗透测试,密码学研究,CTF和日常使用。
Pyramid
⭐
515
a tool to help operate in EDRs' blind spots
Redteam_toolkit
⭐
512
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Kubesploit
⭐
501
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
About Attack
⭐
501
一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集,降低红队技术门槛的手册【持续更新】
Powershellarmoury
⭐
449
A PowerShell armoury for security guys and girls
Pipeviewer
⭐
423
A tool that shows detailed information about named pipes in Windows
Dome
⭐
412
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Petitpotato
⭐
358
Local privilege escalation via PetitPotam (Abusing impersonate privileges).
Eviltree
⭐
348
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
Krbuacbypass
⭐
322
UAC Bypass By Abusing Kerberos Tickets
Vajra
⭐
292
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.
Nebula
⭐
291
AI-Powered Ethical Hacking Assistant
Rpcmon
⭐
271
RPC Monitor tool based on Event Tracing for Windows
Pythonmemorymodule
⭐
265
pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Apk2url
⭐
241
A tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
Realm
⭐
221
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
Sharpgmailc2
⭐
219
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
Etwhash
⭐
182
C# POC to extract NetNTLMv1/v2 hashes from ETW provider
Reveng_rtkit
⭐
181
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
Red Tldr
⭐
170
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Ulexecve
⭐
141
ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teaming and anti-forensics purposes.
Skanuvaty
⭐
140
Dangerously fast DNS/network/port scanner
Sharpstrike
⭐
137
A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.
Offensive Azure
⭐
135
Collection of offensive tools targeting Microsoft Azure
Edge
⭐
131
Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
Url Obfuscator
⭐
120
Python Program to obfuscate URLs to make Phishing attacks more difficult to detect. Uses Active open redirect list and other URL obfuscation techniques.
Chrome Bandit
⭐
119
Programmatically extract saved passwords from Chromium based browsers.
Babelstrike
⭐
101
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurring from scraped employee name lists (e.g. from Linkedin). 2. to transliterate a wordlist that may include words/phrases written in multiple (non-Englis
Some_pentesters_securityresearchers_redteamers
⭐
97
Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...
Llvm Yx Callobfuscator
⭐
88
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Bimg Shellcode Loader
⭐
82
Impulsivedllhijack
⭐
81
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
Moduleshifting
⭐
71
Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes
Cobaltstrike Headless
⭐
65
Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
Dpapisnoop
⭐
62
A C# tool to output crackable DPAPI hashes from user MasterKeys
Conf Thief
⭐
58
A Red Team tool for exfiltrating sensitive data from Confluence pages.
Gator
⭐
57
GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments
Duckduckc2
⭐
55
A proof-of-concept C2 channel through DuckDuckGo's image proxy service
Autoredtools
⭐
54
AutoRedTools是一款轻量级一站式自动下载/自动更新常用开源软件的工具,主要帮助安全从业者/ 装的时间,从而提升生产效率或工作效率。
Forceadmin
⭐
53
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
Bumblecrypt
⭐
50
A Bumblebee-inspired Crypter
Jir Thief
⭐
49
A Red Team tool for exfiltrating sensitive data from Jira tickets.
Process Hollowing Redteamops
⭐
46
Red Team Operation's Defense Evasion Technique.
Ezea
⭐
45
EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces
Go Cdn2proxy
⭐
44
proxy your C2 traffic through CDN using websocket
Gdir Thief
⭐
43
Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.
Laika
⭐
43
Cross-platform RAT, written in Modern C
Upnproxychain
⭐
40
A tool to create a SOCKS proxy server out of UPnProxy vulnerable device(s).
Offensive Snippets
⭐
40
A repository with my code snippets for research/education purposes.
Red Tldr Db
⭐
38
Red TL;DR Database is a set of text data that provides search for red-tldr. If you don’t know red-tldr yet, please read the documentation and try it out.
Phisherprice
⭐
38
All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Reddrop
⭐
34
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
Pt Toolkit
⭐
34
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
Attacksurfacemanagement
⭐
33
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Lolbin Poc
⭐
32
Small PoC of using a Microsoft signed executable as a lolbin.
Sharpleftovers
⭐
30
A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
Pentesting Mind Map
⭐
30
Web Hacking and Red Teaming MindMap
Gcc Stealer
⭐
30
Google Chrome Cookies Stealer. Steals Chrome cookies
Fairplay
⭐
30
Artifact monitoring that ensures fairplay
Catspin
⭐
29
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
Pathprober
⭐
26
Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once
Gd Thief
⭐
24
Red Team tool for exfiltrating files from a target's Google Drive that you have access to, via Google's API.
Malicious Rmqr Codes
⭐
23
Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
Frostbyte
⭐
23
FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
Responder Parser
⭐
23
Most Responder's configuration power in your hand
Ddwpasterecon
⭐
22
DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.
Uuid Loader
⭐
21
UUID based Shellcode loader for your favorite C2
Wifi Pineapple Panel
⭐
21
Updated panel for Wifi Pineapple NANO/TETRA
Pendock
⭐
18
A script to build either Blackarch, Kali linux or ParrotOS Docker container which has the ability to provide desktop environment access either via X2Go or VNC
Bof Builder
⭐
18
C# .Net 5.0 project to build BOF (Beacon Object Files) in mass
Orgasm
⭐
18
A tool for Oragnized ASM (Attack Surface Mapper). Subdomains enumeration, IPs scans, Vulnerability assesment...
Maliketh
⭐
17
🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
Tchopper
⭐
17
conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as chunks into the target machine
Thecollective
⭐
16
The Collective. A repo for a collection of red team and/or pen test projects found mostly on Github. https://github.com/ceramicskate0/TheCollective #infosec #redteaming #pentest
Aggressiveproxy
⭐
16
Project to enumerate proxy configurations and generate shellcode from CobaltStrike
Connect
⭐
14
Command and Control Framework
Jasmin Ransomware
⭐
14
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Urlyzer
⭐
13
urlyzer is a URL parsing analysis tool.
Mavoc
⭐
12
Mavoc is an Automated c2 Windows and Linux Pentesting Tool used to generate reverse shell and deploy attacking scripts to host machines and can maintain multiple reverse connections .
Rti Toolkit
⭐
12
Remote Template Injection Toolkit
Blueprint
⭐
12
Templating with sinister modules
Ratemyai
⭐
12
Prompt Engineering Tool for AI Models with cli prompt or api usage
Docker
⭐
11
Cervantes plataform docker repository
Blackheart
⭐
11
BlackHeart is a simple python script to generate powershell scripts that demonstrate reverse shell gaining without Microsoft Defender restrictions. (FOR EDUCATIONAL PURPOSES!!)
Gosublister
⭐
11
A uber fast subdomain enumerator for web URLs using the power of Goroutines.
Lnk2vbs
⭐
11
A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.
The Not So Simple Php Command Shell
⭐
11
This tool is intended to be used for on target enumeration to gather and exfiltrate information and then to upload tools such as netcat or msvenom payload for further access to the target.
Stealthlink
⭐
9
With StealthLink, you can easily create a convincing mask for your phishing URLs, making them indistinguishable from legitimate websites. This tool is designed to provide a professional-level of obfuscation to any phishing URL, making it virtually impossible for users to detect.
1-100 of 124 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.