SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: β 833 (+241.39%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: β 44 (-81.97%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: β 85 (-65.16%)
AutordpwnThe Shadow Attack Framework
Stars: β 688 (+181.97%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: β 193 (-20.9%)
Dref DNS Rebinding Exploitation Framework
Stars: β 423 (+73.36%)
Platypusπ¨ A modern multiple reverse shell sessions manager wrote in go
Stars: β 559 (+129.1%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: β 370 (+51.64%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: β 541 (+121.72%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: β 22 (-90.98%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: β 103 (-57.79%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: β 405 (+65.98%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: β 86 (-64.75%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester π
Stars: β 2,750 (+1027.05%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: β 1,136 (+365.57%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: β 126 (-48.36%)
PentmenuA bash script for recon and DOS attacks
Stars: β 288 (+18.03%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: β 331 (+35.66%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: β 5,615 (+2201.23%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: β 4,162 (+1605.74%)
Netmap.jsFast browser-based network discovery module
Stars: β 70 (-71.31%)
Gitjackerπͺ Leak git repositories from misconfigured websites
Stars: β 1,249 (+411.89%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: β 775 (+217.62%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: β 113 (-53.69%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: β 150 (-38.52%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: β 2,548 (+944.26%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: β 218 (-10.66%)
CovenantCovenant is a collaborative .NET C2 framework for red teamers.
Stars: β 2,747 (+1025.82%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: β 199 (-18.44%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: β 227 (-6.97%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: β 218 (-10.66%)
BetterbackdoorA backdoor with a multitude of features.
Stars: β 195 (-20.08%)
MosintAn automated e-mail OSINT tool
Stars: β 184 (-24.59%)
Darkspiritzπ Official Repository for DarkSpiritz Penetration Framework | Written in Python π
Stars: β 219 (-10.25%)
Satelliteeasy-to-use payload hosting
Stars: β 193 (-20.9%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: β 238 (-2.46%)
FilesensorDynamic file detection tool based on crawler εΊδΊη¬θ«ηε¨ζζζζδ»Άζ’ζ΅ε·₯ε
·
Stars: β 227 (-6.97%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: β 216 (-11.48%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: β 192 (-21.31%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: β 191 (-21.72%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: β 214 (-12.3%)
Litmus testDetecting ATT&CK techniques & tactics for Linux
Stars: β 190 (-22.13%)
Stegseekβ‘οΈ Worlds fastest steghide cracker, chewing through millions of passwords per second β‘οΈ
Stars: β 187 (-23.36%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: β 2,775 (+1037.3%)
GetjsA tool to fastly get all javascript sources/files
Stars: β 190 (-22.13%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: β 188 (-22.95%)
SharpattackA simple wrapper for C# tools
Stars: β 211 (-13.52%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: β 187 (-23.36%)
SocialfishPhishing Tool & Information Collector
Stars: β 2,522 (+933.61%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance withβ¦
Stars: β 3,439 (+1309.43%)
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: β 3,016 (+1136.07%)
CalderaAutomated Adversary Emulation Platform
Stars: β 3,126 (+1181.15%)
DartDART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
Stars: β 207 (-15.16%)
Awesome Shodan Queriesπ A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
Stars: β 2,758 (+1030.33%)
SlurpEvaluate the security of S3 buckets
Stars: β 183 (-25%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: β 205 (-15.98%)