214 Open source projects that are alternatives of or similar to Bloodhound Playbook

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

A PowerShell module to deploy active directory decoy objects.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

fireELF - Fileless Linux Malware Framework

🔎 Hunt down social media accounts by username across social networks

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

List of Awesome Red Teaming Resources

generate CobaltStrike's cross-platform payload

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

OSINT

Open source pre-operation C2 server based on python and powershell

Hershell is a simple TCP reverse shell written in Go.

AV Evasion Tool For Red Team Ops

记录自己编写、修改的部分工具

Enable drop-in Windows Single Sign On for popular Java web servers.

红队基础设施自动化部署工具

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

Utilities for MITRE™ ATT&CK

Collection of PoC and offensive techniques used by the BlackArrow Red Team

👻Stowaway -- Multi-hop Proxy Tool for pentesters

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

cobaltstrike ms17-010 module and some other

mXtract - Memory Extractor & Analyzer

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Overlord - Red Teaming Infrastructure Automation

Load shellcode into a new process

这是一个抓取浏览器密码的工具，后续会添加更多功能

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

BadAssMacros - C# based automated Malicous Macro Generator.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

E-mails, subdomains and names Harvester - OSINT

linux post-exploitation framework made by linux user

This is the list of all rootkits found so far on github and other sites.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

metasploit-framework 图形界面 / 图形化内网渗透工具

👻Impost3r -- A linux password thief

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Tactics, Techniques, and Procedures

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Network Pivoting Toolkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

This repository contains full code examples from the book Gray Hat C#

The Old BloodHound C# Ingestor (Deprecated)

🙃 Reverse Shell Cheat Sheet 🙃

A self-service password management tool for Active Directory

Awesome cloud enumerator

Writing custom backdoor payloads with C# - Defcon 27 Workshop

This PowerShell Module has multiple functionalities, but one of the signature features of this module is the ability to parse Security logs on Domain Controllers providing easy to use access to AD Events.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Lightweight tools for working with Active Directory users and groups. Also some domain discovery functions.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Open-Source PE Packer