moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
RedTeamOne line PS scripts that may come handy during your network assesment
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
ImpulsiveDLLHijackC# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
DiscordGoDiscord C2 for Redteam....Need a better name
redpillAssist reverse tcp shells in post-exploration tasks
anti-honeypot一款可以检测WEB蜜罐并阻断请求的Chrome插件,能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
certexfilExfiltration based on custom X509 certificates
365-Stealer365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.
sherlock🔎 Find usernames across social networks
brutasWordlists and passwords handcrafted with ♥
tridentautomated password spraying tool
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
ShellyAutomatic Reverse Shell Generator
ConstoleScan for and exploit Consul agents
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
ReverseShellDllC++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked
RedBook基于Threathunting-book基础上完善的狩猎视角红队handbook
volana🌒 Shell command obfuscation to avoid detection systems
adduser-dllSimple DLL that add a user to the local Administrators group
meteorA cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
HellgateLoader CSharpLoad shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
nTimetoolsTimestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
JiraffeOne stop place for exploiting Jira instances in your proximity
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
DNSWhotransmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
SLibSLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
GopherC# tool to discover low hanging fruits
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
palinka c2Just another useless C2 occupying space in some HDD somewhere.
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
atermIt records your terminal, then lets you upload to ASHIRT
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
BlueTeam.LabBlue Team detection lab created with Terraform and Ansible in Azure.
InlineWhispers2Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
PwnedPasswordsCheckerSearch (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)
uberduckyWireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)