Ntlmrecon: Enumerate information from NTLM authentication enabled web endpoints 🔎
Credsleaker: Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
I See You: ISeeYou is a Bash and JavaScript tool to find the exact location of users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Cobalt Arsenal: My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
Leakscraper: LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. These tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Malwless: Test Blue Team detections without running any attack.
Serpentine: C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
Doxycannon: A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Dns Persist: DNS-Persist is a post-exploitation agent which uses DNS for command and control.
Fudgec2: FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Cypheroth: Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Remote Desktop Caching: This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidence and perform further analysis.
Stracciatella: OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
Community Threats: The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.
Aboutsecurity: A list of payload and bypass lists for penetration testing and red team infrastructure build.
Invoke Apex: A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
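Pandasniper: Linux C2 framework demo, the product of a two-week "hacker programming marathon", from starting to learn a programming language to implementing a demo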
Slack Watchman: Monitoring your Slack workspaces for sensitive information
Powershell Red Team: Collection of PowerShell functions a Red Teamer may use to collect data from a machine
Reconness: ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it based on a schedule or events.
Awesome Mobile Security: An effort to build a single place for all useful Android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Gtfoblookup: Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Aggressiveproxy: Project to enumerate proxy configurations and generate shellcode from CobaltStrike
Information Security Tasks: This repository is created only for infosec professionals who work on a day-to-day basis to equip ourselves with an up-to-date skill set. We can contribute one hour daily to day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.
Malwarepersistencescripts: A collection of scripts I've written to help red and blue teams with malware persistence techniques.
Bettercap: The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Arsenal: Extensible Red Team Framework
Gorsh: A Golang Reverse Shell w/ a Tmux-driven pseudo-C2 Interface
Resource files: mosquito - Automating reconnaissance and brute force attacks
Winpwn: Automation for internal Windows Penetration Test / AD-Security
Atomic Red Team Intelligence C2: ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Bof Regsave: Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Thecollective: The Collective. A repo for a collection of red-team projects found mostly on Github.
Venom: Venom - A Multi-hop Proxy for Penetration Testers
Nac bypass: Script collection to bypass Network Access Control (NAC, 802.1x)
Ldap search: Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Phpsploit: Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Hacker ezines: A collection of electronic hacker magazines carefully curated over the years from multiple sources
Girsh: Automatically spawn a fully interactive reverse shell for a Linux or Windows victim
Gitgraber: gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Red Team Curation List: A list to discover work of red team tooling and methodology for penetration testing and security assessment