gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-80.7%)
Vipermetasploit-framework 图形界面 / 图形化内网渗透工具
Stars: ✭ 487 (+6.8%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-58.11%)
redpillAssist reverse tcp shells in post-exploration tasks
Stars: ✭ 142 (-68.86%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+1222.37%)
Atomic Red Team Intelligence C2ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (-80.92%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+160.53%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (-8.11%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (-27.85%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-58.11%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (-8.33%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+87.28%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-22.15%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-89.47%)
Mssqlproxymssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
Stars: ✭ 433 (-5.04%)
OrcOrc is a post-exploitation framework for Linux written in Bash
Stars: ✭ 349 (-23.46%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+19.3%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-92.11%)
Redteam ResearchCollection of PoC and offensive techniques used by the BlackArrow Red Team
Stars: ✭ 330 (-27.63%)
AggressorScriptsA collection of Cobalt Strike aggressor scripts
Stars: ✭ 18 (-96.05%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+85.09%)
PowerhubA post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Stars: ✭ 431 (-5.48%)
ToratToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (-8.99%)
gitoopsall paths lead to clouds
Stars: ✭ 579 (+26.97%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-43.42%)
Swap digger swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Stars: ✭ 354 (-22.37%)
BadAssMacrosBadAssMacros - C# based automated Malicous Macro Generator.
Stars: ✭ 281 (-38.38%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (-7.02%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-24.34%)
DiscordGoDiscord C2 for Redteam....Need a better name
Stars: ✭ 55 (-87.94%)
RedTeamOne line PS scripts that may come handy during your network assesment
Stars: ✭ 56 (-87.72%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-26.54%)
ImpulsiveDLLHijackC# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
Stars: ✭ 258 (-43.42%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-8.11%)
soapylog file scrubber
Stars: ✭ 16 (-96.49%)
mOrcmOrc is a post-exploitation framework for macOS written in Bash
Stars: ✭ 16 (-96.49%)
FatherLD_PRELOAD rootkit
Stars: ✭ 59 (-87.06%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (-3.07%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-95.18%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-33.99%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-11.62%)
MerlinMerlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Stars: ✭ 3,522 (+672.37%)
anti-honeypot一款可以检测WEB蜜罐并阻断请求的Chrome插件,能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api
Stars: ✭ 38 (-91.67%)
dfexDNS File EXfiltration
Stars: ✭ 46 (-89.91%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-5.48%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-16.23%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-93.64%)
AdbNetA tool that allows you to search for vulnerable android devices across the world and exploit them.
Stars: ✭ 112 (-75.44%)
Windows Post ExploitationWindows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
Stars: ✭ 296 (-35.09%)
certexfilExfiltration based on custom X509 certificates
Stars: ✭ 18 (-96.05%)
MimipenguinA tool to dump the login password from the current linux user
Stars: ✭ 3,151 (+591.01%)