707 Open source projects that are alternatives of or similar to Red Team Infrastructure Wiki

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Evaluate the security of S3 buckets

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Manage Infrastructure as Code with less pain.

Generates malicious LNK file payloads for data exfiltration

Code from Blackhat Python book

Cameradar hacks its way into RTSP videosurveillance cameras

Burp Suite extension to discover assets from HTTP response.

retrieve information via O365 with a valid cred

🕵️‍♂️ Sanity checking containers, vms, and servers

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Awesome Nmap Grep

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Accelerated deep learning R&D

A high performance offensive security tool for reconnaissance and vulnerability scanning

Open Source Workflow Engine for Cloud Native Infrastructure

Vividus is all in one test automation tool

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

RubberDucky like payloads for DigiSpark Attiny85

☄️ Temporal is an easy-to-use, enterprise-grade interface into distributed and decentralized storage

Penetration testing and auditing toolkit for Android apps.

The cheat sheet about Java Deserialization vulnerabilities

Hawkeye filesystem analysis tool

an application that automates the lifecycle of servers

Relational database brute force and post exploitation tool for MySQL and MSSQL

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

A simple tool for interacting with OWASP ZAP from the commandline.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

A list of payload and bypass lists for penetration testing and red team infrastructure build.

A curated list of amazingly awesome DigitalOcean resources inspired by Awesome Sysadmin

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

The Linode CLI

备考 OSCP 的各种干货资料/渗透测试干货资料

Monitor linux processes without root permissions

Covenant is a collaborative .NET C2 framework for red teamers.

Passwords Recovery Tool

A script written lazily for generating cross-platform backdoors on the go :)

Linux and Windows shellcode enrichment utility

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Python network tool, similar to Netcat with custom features.

The safe post-production pipeline - https://getavalon.github.io/2.0

A toolkit for creating and managing declarative, self-healing infrastructure.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Saves up to 90% of AWS EC2 costs by automating the use of spot instances on existing AutoScaling groups. Installs in minutes using CloudFormation or Terraform. Convenient to deploy at scale using StackSets. Uses tagging to avoid launch configuration changes. Automated spot termination handling. Reliable fallback to on-demand instances.

Automated All-in-One OS Command Injection Exploitation Tool.

AWS Identity and Access Management Visualizer and Anomaly Finder

A backdoor with a multitude of features.

An Ansible playbook that apply the principle of the Infrastructure as Code on a QEMU/KVM environment.

Manifests to deploy GitLab on Kubernetes

An automated e-mail OSINT tool

Tooling / Ansible to support the many aspects of infrastructure installation, setup and configuration.

Write Everything in JavaScript under 100 Lines!!!😈

A Virtual environment for Pentesting IoT Devices

easy-to-use payload hosting

Monitoring your Slack workspaces for sensitive information

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking: