ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-87.65%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-18.75%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-93.6%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+12.65%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (-85.03%)
EmagnetAutomated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password together from recent uploads from https://pastebin.com. Bruteforce support for spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts
Stars: ✭ 688 (+0%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-75%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-84.45%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-41.13%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+504.94%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+65.12%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-51.89%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (-58.14%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+21.08%)
Physmem2profitPhysmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Stars: ✭ 244 (-64.53%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-83.58%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-81.69%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+299.71%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (-46.51%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-46.22%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+81.54%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-21.37%)
Adversarial Robustness ToolboxAdversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Stars: ✭ 2,638 (+283.43%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-71.95%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-78.2%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-89.83%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-87.5%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-38.52%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+716.13%)
UnitypcssNvidia's PCSS soft shadow algorithm implemented in Unity
Stars: ✭ 533 (-22.53%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-12.65%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-22.53%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-6.4%)
MremotengmRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.
Stars: ✭ 5,935 (+762.65%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-24.85%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-25.44%)
Esp8266 beaconspamCreates up to a thousand WiFi access points with custom SSIDs.
Stars: ✭ 575 (-16.42%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-26.02%)
EvilurlGenerate unicode evil domains for IDN Homograph Attack and detect them.
Stars: ✭ 654 (-4.94%)
DhcpwnAll your IPs are belong to us.
Stars: ✭ 642 (-6.69%)
FreerdpFreeRDP is a free remote desktop protocol library and clients
Stars: ✭ 5,858 (+751.45%)
Buy pig plan电话攻击(电话轰炸、可代替短信轰炸)、留言攻击工具 | 已删库
Stars: ✭ 506 (-26.45%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-26.74%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (-17.59%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+691.42%)
SimpleremoteRemote Administration Tools
Stars: ✭ 504 (-26.74%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-7.56%)
LongshadowAdd a long shadow on any Android View
Stars: ✭ 562 (-18.31%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-27.33%)
AggressorscriptsAggressor scripts for use with Cobalt Strike 3.0+
Stars: ✭ 501 (-27.18%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-19.19%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-27.47%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (-1.45%)