Awesome Open Source

Programming Languages

Search results for security red team

58 search results found

Payloadsallthethings ⭐ 55,999

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Bettercap ⭐ 15,224

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Dirsearch ⭐ 11,165

Web path scanner

Quasar ⭐ 8,149

Remote Administration Tool for Windows

Nishang ⭐ 7,771

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Awesome Hacker Search Engines ⭐ 6,307

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Gather and update all available and newest CVEs with their PoC.

Yakit ⭐ 5,790

Cyber Security ALL-IN-ONE Platform

1earn ⭐ 4,841

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Kubernetes Goat ⭐ 3,694

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Awesome Cobaltstrike ⭐ 3,525

CobaltStrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Kscan ⭐ 3,061

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议

Black Hat Rust ⭐ 2,662

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Snoop ⭐ 2,530

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Awesome Mobile Security ⭐ 2,511

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Penetration Testing Tools ⭐ 2,393

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Stowaway ⭐ 2,195

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Venom ⭐ 1,911

Venom - A Multi-hop Proxy for Penetration Testers

Dismap ⭐ 1,840

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

100 Redteam Projects ⭐ 1,661

Projects for security students

Diamorphine ⭐ 1,639

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Redteam Offensivesecurity ⭐ 1,630

Tools & Interesting Things for RedTeam Ops

Cybersecurityrss ⭐ 1,622

CyberSecurityRSS: A collection of cybersecurity rss to make you better!

Redteam_vul ⭐ 1,612

红队作战中比较常遇到的一些重点系统漏洞整理。

Netexec ⭐ 1,596

The Network Execution Tool

Cloakify ⭐ 1,483

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Collection Document ⭐ 1,416

Collection of quality safety articles. Awesome articles.

Sprayingtoolkit ⭐ 1,360

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Vscan ⭐ 1,226

开源、轻量、快速、跨平台的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

Goblin ⭐ 1,182

一款适用于红蓝对抗中的仿真钓鱼系统

Security List ⭐ 1,181

If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中，如果有什么好的意见或建议，请在Issues反馈，感谢您的参与

Attack surface mapping

Perun ⭐ 1,037

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫

Moonwalk ⭐ 1,033

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

Inventory ⭐ 1,019

Asset inventory of over 800 public bug bounty programs.

Cyber Security ⭐ 1,000

My cyber security tools

Plumhound ⭐ 958

Bloodhound for Blue and Purple Teams

Ssh Snake ⭐ 874

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Red Baron ⭐ 860

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

Aboutsecurity ⭐ 762

Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.

Leaky Paths ⭐ 746

A collection of special paths linked to common internal paths, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Awesome List Of Secrets In Environment Variables ⭐ 722

🦄🔒 Awesome list of secrets in environment variables 🖥️

Dumpsterfire ⭐ 709

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Octopus ⭐ 705

Open source pre-operation C2 server based on python and powershell

Repo Supervisor ⭐ 621

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

Fireelf ⭐ 620

fireELF - Fileless Linux Malware Framework

Cve 2021 44228 Poc Log4j Bypass Words ⭐ 611

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Packetwhisper ⭐ 605

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Aiodnsbrute ⭐ 579

Python 3.5+ DNS asynchronous brute force utility

Mxtract ⭐ 573

mXtract - Memory Extractor & Analyzer

Gitoops ⭐ 558

all paths lead to clouds

Resolvers ⭐ 536

The most exhaustive list of reliable DNS resolvers.

Kubesploit ⭐ 501

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

Offensive Resources ⭐ 498

A Huge Learning Resources with Labs For Offensive Security Players

Kraken, a modular multi-language webshell coded by @secu_x11

Alanframework ⭐ 435

A C2 post-exploitation framework

Gtfonow ⭐ 414

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

Ntlmrecon ⭐ 397

Enumerate information from NTLM authentication enabled web endpoints 🔎

Exiflooter ⭐ 395

ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Tactics, Techniques, and Procedures

Physmem2profit ⭐ 383

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

Bounceback ⭐ 382

↕️🤫 Stealth redirector for your red team operation security

Red Baron ⭐ 362

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

Red_team_attack_lab ⭐ 360

Red Team Attack Lab for TTP testing & research

Koko Moni ⭐ 338

一个网络空间搜索引擎监控平台，可定时进行资产信息爬取，及时发现新增资产，本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源，并对获取到的数据进行去重与清洗

Maad Af ⭐ 314

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

Gray_hat_csharp_code ⭐ 274

This repository contains full code examples from the book Gray Hat C#

Plugbot Plug ⭐ 243

The "bot" component of the PlugBot project

Hrshell ⭐ 242

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Idea Project Fish Exploit ⭐ 240

JetBrains系列产品.idea钓鱼反制红队

Fudgec2 ⭐ 236

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

事件驱动的渗透测试扫描器 Event-driven pentest scanner

Graphql Cop ⭐ 229

Security Auditor Utility for GraphQL APIs

Monitoring exploits & references for CVEs

Cervantes ⭐ 215

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.

Internalallthethings ⭐ 213

Active Directory and Internal Pentest Cheatsheets

Mrkaplan ⭐ 200

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

Reveng_rtkit ⭐ 181

Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.

Wordlists handcrafted (and automated) with ♥

Jiraffe ⭐ 178

One stop place for exploiting Jira instances in your proximity

Pentesting Bugbounty ⭐ 162

Bringing infosec community, group and leaders together that solve community challenges, problems, create cultural and provide value to Infosec community.

Fileless Elf Exec ⭐ 162

Execute ELF files without dropping them on disk

Pyphisher ⭐ 154

Python tool for phishing

Skanuvaty ⭐ 140

Dangerously fast DNS/network/port scanner

Redteam Hardware Toolkit ⭐ 140

🔺 Red Team Hardware Toolkit 🔺

Pounce Keys ⭐ 136

PounceKey's is a Accessibility Service keylogger for Android 9 pie api 28 full launcher stealth. choose between recieving logs via IP, Gmail, or Discord. No txt files on device, straight buffer in logcat

Web_hacking ⭐ 135

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

R3d Buck3t ⭐ 134

Penetration Testing, Vulnerability Assessment and Red Team Learning

Airmaster ⭐ 131

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Awesome Lists ⭐ 124

Security lists for SOC detections

Pentesting Cookbook ⭐ 124

A set of recipes useful in pentesting and red teaming scenarios

Find Gh Poc ⭐ 117

Find CVE PoCs on GitHub

Wsmanager ⭐ 115

Webshell Manager

Insiders ⭐ 111

Archive of Potential Insider Threats

Infosec Interview Questions ⭐ 111

🗒️ A [work-in-progress] collection for interview questions for Information Security roles

Purpleteam ⭐ 106

Purpleteam scripts simulation & Detection - trigger events for SOC detections

Plugbot C2c ⭐ 105

This is the Command & Control component of the PlugBot project

Htmlsmuggler ⭐ 100

✉️ HTML Smuggling generator&obfuscator for your Red Team operations

Related Searches

Security Vulnerabilities (12,302)

Laravel Security (11,580)

Php Security (10,611)

Python Security (3,510)

Java Security (2,469)

Html Security (2,284)

Golang Security (1,316)

Shell Security (1,213)

Security Penetration Testing (920)

C Security (886)

1-58 of 58 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.