Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (+119.54%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+380.46%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (+86.21%)
ShellyAutomatic Reverse Shell Generator
Stars: ✭ 38 (-56.32%)
redpillAssist reverse tcp shells in post-exploration tasks
Stars: ✭ 142 (+63.22%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (+381.61%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (+22.99%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (+1.15%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+1265.52%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (+119.54%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+525.29%)
GopherC# tool to discover low hanging fruits
Stars: ✭ 73 (-16.09%)
meteorA cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
Stars: ✭ 31 (-64.37%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+6831.03%)
Attack ToolsUtilities for MITRE™ ATT&CK
Stars: ✭ 810 (+831.03%)
Go ShellcodeLoad shellcode into a new process
Stars: ✭ 456 (+424.14%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+278.16%)
atermIt records your terminal, then lets you upload to ASHIRT
Stars: ✭ 17 (-80.46%)
MalwlessTest Blue Team detections without running any attack.
Stars: ✭ 215 (+147.13%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-57.47%)
Vipermetasploit-framework 图形界面 / 图形化内网渗透工具
Stars: ✭ 487 (+459.77%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-2.3%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+918.39%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1311.49%)
Awesome Cobaltstrikecobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
Stars: ✭ 1,157 (+1229.89%)
PwndropSelf-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Stars: ✭ 878 (+909.2%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-21.84%)
Venomvenom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+939.08%)
Attack NavigatorWeb app that provides basic navigation and annotation of ATT&CK matrices
Stars: ✭ 887 (+919.54%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-3.45%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-9.2%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-21.84%)
Fsocietyfsociety Hacking Tools Pack – A Penetration Testing Framework
Stars: ✭ 7,224 (+8203.45%)
Rootkits List DownloadThis is the list of all rootkits found so far on github and other sites.
Stars: ✭ 815 (+836.78%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+824.14%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-10.34%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+8810.34%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+791.95%)
Decryptrdcmanager.NET 4.0 Remote Desktop Manager Password Gatherer
Stars: ✭ 59 (-32.18%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+7643.68%)
Bof RegsaveDumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Stars: ✭ 85 (-2.3%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+790.8%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (-33.33%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+788.51%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+781.61%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+1132.18%)
Poshc2A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Stars: ✭ 747 (+758.62%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+1263.22%)