Physmem2profit: Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
Rubyfu: Rubyfu, where Ruby goes evil!
Caldera: Automated Adversary Emulation Platform
Dart: DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
Discover: Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Covenant: Covenant is a collaborative .NET C2 framework for red teamers.
Hrshell: HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Litmus test: Detecting ATT&CK techniques & tactics for Linux
Hack Tools: The all-in-one Red Team extension for Web Pentester 🛠
Community Threats: The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.
Slack Watchman: Monitoring your Slack workspaces for sensitive information
Powershell Red Team: Collection of PowerShell functions a Red Teamer may use to collect data from a machine
Airmaster: Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Bulwark: An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Go Deliver: Go-deliver is a payload delivery tool coded in Go.
Sliver: Adversary Simulation Framework
Thecollective: The Collective. A repo for a collection of red-team projects found mostly on Github.
Gitjacker: 🔪 Leak git repositories from misconfigured websites
Shad0w: A post exploitation framework designed to operate covertly on heavily monitored environments
Netmap.js: Fast browser-based network discovery module
Cloakify: CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into a list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Sleight: Empire HTTP(S) C2 redirector setup script
Aggressorscripts: Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Sessiongopher: SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Pi Pwnbox Rogueap: Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Dumpsterfire: "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Bashfuscator: A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Platypus: 🔨 A modern multiple reverse shell sessions manager written in Go
Nishang: Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Bigbountyrecon: BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Red Teaming Toolkit: This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Whonow: A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Quasar: Remote Administration Tool for Windows
Dref: DNS Rebinding Exploitation Framework
Deimosc2: DeimosC2 is a Golang command and control framework for post-exploitation.
Packetwhisper: PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Paradoxiarat: ParadoxiaRat : Native Windows Remote access Tool.
Ghostwriter: The SpecterOps project management and reporting engine
Slackor: A Golang implant that uses Slack as a command and control server
Infosec reference: An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Aiodnsbrute: Python 3.5+ DNS asynchronous brute force utility
Hunter: (l)user hunter using WinAPI calls only
Walrus: An Android app that lets you use your access control card cloning devices in the field.
Black Hat Rust: Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Adversary emulation library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Pentmenu: A bash script for recon and DOS attacks
Adversarial Robustness Toolbox: Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
ShonyDanza: A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.