223 Open source projects that are alternatives of or similar to Bof Regsave

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV

Open-Source PE Packer

Reproducible and extensible BloodHound playbooks

generate CobaltStrike's cross-platform payload

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.

🔎 Hunt down social media accounts by username across social networks

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Aggressor scripts for use with Cobalt Strike 3.0+

ESP8266 Deauther ​with a material design WebUI 📶

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

红队基础设施自动化部署工具

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Defences against Cobalt Strike

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A Flutter plugin for turning your device into a beacon.

Practice Go programming and implement CobaltStrike's Beacon in Go

Beaconstac ADVANCED SDK for Android devices

Open source pre-operation C2 server based on python and powershell

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Small and easy to use Android library for BLE beacon monitoring

记录自己编写、修改的部分工具

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Script collection to bypass Network Access Control (NAC, 802.1x)

这是一个抓取浏览器密码的工具，后续会添加更多功能

React-Native Beacon example (medium article related)

E-mails, subdomains and names Harvester - OSINT

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

CatchME - WiFi Fun Box "Having Fun with ESP8266"

metasploit-framework 图形界面 / 图形化内网渗透工具

A set of recipes useful in pentesting and red teaming scenarios

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Snoop — инструмент разведки на основе открытых данных (OSINT world)

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A list to discover work of red team tooling and methodology for penetration testing and security assessment

mXtract - Memory Extractor & Analyzer

React Native library for detecting beacons (iOS and Android)

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

React-Native library for detecting beacons (iOS and Android)

Stop sites from tracking the links you visit through hyperlink auditing

Load shellcode into a new process

Position Calculating with Trilateration via Bluetooth Beacons(Estimote)

Hershell is a simple TCP reverse shell written in Go.

This is the list of all rootkits found so far on github and other sites.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Venom - A Multi-hop Proxy for Penetration Testers

The goal of this repository is to document the most common techniques to bypass AppLocker.