645 Open source projects that are alternatives of or similar to Powershell Red Team

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Monitoring GitHub for sensitive data shared publicly

Functions that can be used to gain Reverse Shells with PowerShell

Monitoring GitLab for sensitive data shared publicly

Monitoring your Slack workspaces for sensitive information

Enumerate information from NTLM authentication enabled web endpoints 🔎

The Collective. A repo for a collection of red-team projects found mostly on Github.

一款适用于红蓝对抗中的仿真钓鱼系统

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.

基于Threathunting-book基础上完善的狩猎视角红队handbook

A tool that automates the process of enumeration

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Automated Adversary Emulation Platform

easy-to-use payload hosting

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A tool for generating reverse shell payloads on the fly.

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

It records your terminal, then lets you upload to ASHIRT

Just another useless C2 occupying space in some HDD somewhere.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

一款可以检测WEB蜜罐并阻断请求的Chrome插件，能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Offensive Reverse Shell (Cheat Sheet)

Dorothy is a tool to test security monitoring and detection for Okta environments

🦄🔒 Awesome list of secrets in environment variables 🖥️

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Python 3.5+ DNS asynchronous brute force utility

Wordlists and passwords handcrafted with ♥

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

The all-in-one Red Team extension for Web Pentester 🛠

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

备考 OSCP 的各种干货资料/渗透测试干货资料

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

This repo will contain some basic pentest/RT commands.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Username enumeration and password spraying tool aimed at Microsoft O365.

WALKOFF-enabled applications. #nsacyber

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

Authors

Automatic Service Enumeration Script

Malware repository component for samples & static configuration with REST API interface.

GUI based offensive penetration testing tool (Open Source)

Perform automated network reconnaissance scans

internet monitoring osint telegram bot for windows

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Enine boyuna siber güvenlik

A dashboard for a real-time overview of threat intelligence from MISP instances

Distributed malware processing framework based on Python, Redis and MinIO.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

How to prepare for OSCP complete guide