Top 181 redteam open source projects

Enumerate information from NTLM authentication enabled web endpoints 🔎

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Some notes and examples for cobalt strike's functionality

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Test Blue Team detections without running any attack.

C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends

A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.

泰阿安全实验室-基于XUbuntu私人订制的红蓝对抗渗透操作系统

A list of payload and bypass lists for penetration testing and red team infrastructure build.

备考 OSCP 的各种干货资料/渗透测试干货资料

Passwords Recovery Tool

🔺 Red Team Hardware Toolkit 🔺

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Linux C2 框架demo，为期2周的”黑客编程马拉松“，从学习编程语言开始到实现一个demo的产物

Monitoring your Slack workspaces for sensitive information

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

🚀 Fast Port Scanner 🚀

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Disposable and resilient red team infrastructure with Terraform

Red Teaming Tactics and Techniques

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Monitoring GitLab for sensitive data shared publicly

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

New UAC bypass for Silent Cleanup for CobaltStrike

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A PowerShell module to deploy active directory decoy objects.

Project to enumerate proxy configurations and generate shellcode from CobaltStrike

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

Collection of quality safety articles. Awesome articles.

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Extensible Red Team Framework

Webshell Manager

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

DeepSea Phishing Gear

mosquito - Automating reconnaissance and brute force attacks

Automation for internal Windows Penetrationtest / AD-Security

红队作战中比较常遇到的一些重点系统漏洞整理。

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

The Collective. A repo for a collection of red-team projects found mostly on Github.

A set of recipes useful in pentesting and red teaming scenarios

Venom - A Multi-hop Proxy for Penetration Testers

Script collection to bypass Network Access Control (NAC, 802.1x)

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

The goal of this repository is to document the most common techniques to bypass AppLocker.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

A list to discover work of red team tooling and methodology for penetration testing and security assessment