180 Open source projects that are alternatives of or similar to Awesome Cobaltstrike

linux post-exploitation framework made by linux user

Collection of PoC and offensive techniques used by the BlackArrow Red Team

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hershell is a simple TCP reverse shell written in Go.

Overlord - Red Teaming Infrastructure Automation

这是一个抓取浏览器密码的工具，后续会添加更多功能

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

cobaltstrike ms17-010 module and some other

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Load shellcode into a new process

Projects for security students

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

This is the list of all rootkits found so far on github and other sites.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

E-mails, subdomains and names Harvester - OSINT

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

OSINT

metasploit-framework 图形界面 / 图形化内网渗透工具

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

记录自己编写、修改的部分工具

BadAssMacros - C# based automated Malicous Macro Generator.

mXtract - Memory Extractor & Analyzer

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Functions that can be used to gain Reverse Shells with PowerShell

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Open source pre-operation C2 server based on python and powershell

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

fireELF - Fileless Linux Malware Framework

Open-Source PE Packer

AV Evasion Tool For Red Team Ops

backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

List of Awesome Red Teaming Resources

Utilities for MITRE™ ATT&CK

👻Impost3r -- A linux password thief

🔎 Hunt down social media accounts by username across social networks

Tactics, Techniques, and Procedures

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Network Pivoting Toolkit

红队基础设施自动化部署工具

This repository contains full code examples from the book Gray Hat C#

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

🙃 Reverse Shell Cheat Sheet 🙃

generate CobaltStrike's cross-platform payload

Awesome cloud enumerator

Reproducible and extensible BloodHound playbooks

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍