645 Open source projects that are alternatives of or similar to Powershell Red Team

linux post-exploitation framework made by linux user

Wireshark Cheat Sheet

Malware similarity platform with modularity in mind.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.

Hacking, pen-testing, and cyber-security related tools built with Python.

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

Execute ELF files without dropping them on disk

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

kernel privilege escalation enumeration and exploitation framework

VirusTotal Wanna Be - Now with 100% more Hipster

A concise, directive, specific, flexible, and free incident response plan template

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

automated password spraying tool

An anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.

Threat Hunting queries for various attacks

Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

A set of recipes useful in pentesting and red teaming scenarios

Terribad PrivEsc enumeration script for Windows systems

🔨 A modern multiple reverse shell sessions manager wrote in go

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Automatic Reverse Shell Generator

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

Scan for and exploit Consul agents

In-depth Attack Surface Mapping and Asset Discovery

Disposable and resilient red team infrastructure with Terraform

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

SIKE for Java is a software library that implements experimental supersingular isogeny cryptographic schemes that aim to provide protection against attackers running a large-scale quantum computer.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)

Project dedicated to fight Layer 7 DDoS with proof of work, featuring an additional WAF. Completed with full set of features and containerized for rapid and lightweight deployment.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase

OPCDE Cybersecurity Conference Materials

一个简单实用的FOFA客户端 By flashine

Script collection to bypass Network Access Control (NAC, 802.1x)

STIX data representing MITRE ATT&CK

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Get GTFOBins info about a given exploit from the command line

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

📝 ⌨️ A GNU/Linux keylogger that works!

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

ParadoxiaRat : Native Windows Remote access Tool.

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

The SpecterOps project management and reporting engine

A Golang implant that uses Slack as a command and control server

A collection of useful scripts for Cobalt Strike

Go-deliver is a payload delivery tool coded in Go.

Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"