343 Open source projects that are alternatives of or similar to Atomic Red Team Intelligence C2

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Automatic Reverse Shell Generator

Assist reverse tcp shells in post-exploration tasks

linux post-exploitation framework made by linux user

Red Teaming Tactics and Techniques

unix SSH post-exploitation 1337 tool

Search for Unix binaries that can be exploited to bypass system security restrictions.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

C2/post-exploitation framework

C# tool to discover low hanging fruits

A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Utilities for MITRE™ ATT&CK

Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...

Load shellcode into a new process

Network Pivoting Toolkit

Red Teaming Tactics and Techniques

备考 OSCP 的各种干货资料/渗透测试干货资料

It records your terminal, then lets you upload to ASHIRT

Test Blue Team detections without running any attack.

Bifrost C2. Open-source post-exploitation using Discord API

metasploit-framework 图形界面 / 图形化内网渗透工具

The Collective. A repo for a collection of red-team projects found mostly on Github.

Work in progress...

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Reproducible and extensible BloodHound playbooks

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Venom - A Multi-hop Proxy for Penetration Testers

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Offensive Terraform Website

A list to discover work of red team tooling and methodology for penetration testing and security assessment

venom - shellcode generator/compiler/handler (metasploit)

Web app that provides basic navigation and annotation of ATT&CK matrices

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

Script collection to bypass Network Access Control (NAC, 802.1x)

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

fsociety Hacking Tools Pack – A Penetration Testing Framework

Windows shellcode development in Rust

This is the list of all rootkits found so far on github and other sites.

A curated list of awesome OSCP resources

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Post-Exploitation Framework

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

.NET 4.0 Remote Desktop Manager Password Gatherer

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

Windows Events Attack Samples

🆕 The Multi-Tool Web Vulnerability Scanner.

☠️ The Pathwar Project ☠️

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

记录自己编写、修改的部分工具

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

The goal of this repository is to document the most common techniques to bypass AppLocker.