478 Open source projects that are alternatives of or similar to Awesome Windows Red Team

Python AV Evasion Tools

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

ODAT: Oracle Database Attacking Tool

A Phishing Dropper designed to Pentest.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A curated list of awesome privilege escalation

pentest framework

MSDAT: Microsoft SQL Database Attacking Tool

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Phishing Tool & Information Collector

Generate unicode evil domains for IDN Homograph Attack and detect them.

Suggests programs to run against services found during the enumeration phase of a Pentest

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Free Fire Phishing Tool ID Hack Tool For Online Hacking

Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.

A pentesting tool inspired by mr robot and derived by zphisher

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

SIP-Based Audit and Attack Tool

Create file system symbolic links from low privileged user accounts within PowerShell

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Camera phishing tool. If anyone opens link generated by CamHacker and permits camera access his/her photo will be captured!

This tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins

InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Next generation web scanner

parse nmap files

Free advanced and modern Windows botnet with a nice and secure PHP panel.

The most complete phishing tool

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Web Recon & Exploitation Tool.

Subdomain enumeration through various techniques

A Python DNS crawler to find identical domain names under different TLDs.

Jam all wifi clients/routers.

Mercure is a tool for security managers who want to train their colleague to phishing.

Yet Another PHP Shell - The most complete PHP reverse shell

No description or website provided.

A simple phishing tool that can phish almost any website

A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

An automated approach to performing recon for bug bounty hunting and penetration testing.

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

WireBug is a toolset for Voice-over-IP penetration testing

A dataset of various malicious cryptocurrency-related URLs and Twitter profiles

Overlord - Red Teaming Infrastructure Automation

Password-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/

A Tool for Domain Flyovers

Goca Scanner

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

一款适用于红蓝对抗中的仿真钓鱼系统

Selenium powered Python script to automate searching for vulnerable web apps.

Multi OTP Spam Amp/Paralell threads

Misc. Public Reports of Penetration Testing and Security Audits.

Hacker101 CTF Writeup

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻