320 Open source projects that are alternatives of or similar to Awesome Red Teaming

A collection of Cobalt Strike aggressor scripts

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Functions that can be used to gain Reverse Shells with PowerShell

一款适用于红蓝对抗中的仿真钓鱼系统

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Offensive Reverse Shell (Cheat Sheet)

DeepSea Phishing Gear

GoPhish Templates that I have retired and/or templates I've recreated.

Wiki to collect Red Team infrastructure hardening resources

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Red Teaming Tactics and Techniques

Check Domain Fronting (chkdfront) - It checks if your domain fronting is working

Just another useless C2 occupying space in some HDD somewhere.

Leaked pentesting manuals given to Conti ransomware crooks

One line PS scripts that may come handy during your network assesment

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Red Teaming Tactics and Techniques

365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.

Python AV Evasion Tools

Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Exfiltration based on custom X509 certificates

edge --> powerpoint --> remote-file --> shell

Projects for security students

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

cobaltstrike ms17-010 module and some other

Collection of PoC and offensive techniques used by the BlackArrow Red Team

🙃 Reverse Shell Cheat Sheet 🙃

Free Fire Phishing Tool ID Hack Tool For Online Hacking

cobalt strike 自启动脚本

A pentesting tool inspired by mr robot and derived by zphisher

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Network Pivoting Toolkit

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

The most complete phishing tool

OSINT

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

UIAccess UAC Bypass using token duplication and keyboard events

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A Python DNS crawler to find identical domain names under different TLDs.

Camera phishing tool. If anyone opens link generated by CamHacker and permits camera access his/her photo will be captured!

👻Impost3r -- A linux password thief

Information gathering & website reconnaissance | https://phishstats.info/

Modlishka. Reverse Proxy.

Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.

No description or website provided.

Awesome cloud enumerator

A simple phishing tool that can phish almost any website

A dataset of various malicious cryptocurrency-related URLs and Twitter profiles

A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

CobatStrike-Script, Beacon上线,微信实时推送!

Mercure is a tool for security managers who want to train their colleague to phishing.

LD_PRELOAD rootkit