305 Open source projects that are alternatives of or similar to RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

Offensive Reverse Shell (Cheat Sheet)

A curated list of awesome OSCP resources

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

List of Awesome Red Teaming Resources

备考 OSCP 的各种干货资料/渗透测试干货资料

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Exfiltration based on custom X509 certificates

This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Functions that can be used to gain Reverse Shells with PowerShell

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

C# tool to discover low hanging fruits

Modified template for the OSCP Exam and Labs. Used during my passing attempt

Automatic Reverse Shell Generator

My own OSCP guide

One line PS scripts that may come handy during your network assesment

🙃 Reverse Shell Cheat Sheet 🙃

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

PHP shells that work on Linux OS, macOS, and Windows OS.

A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.

A collection of resources I'm using while working toward the OSCP

Just another useless C2 occupying space in some HDD somewhere.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Don't let buffer overflows overflow your mind

A collection of Cobalt Strike aggressor scripts

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Opening the door, one reverse shell at a time

🆕 The Multi-Tool Web Vulnerability Scanner.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

It records your terminal, then lets you upload to ASHIRT

Leaked pentesting manuals given to Conti ransomware crooks

The Collective. A repo for a collection of red-team projects found mostly on Github.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Work in progress...

A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.

Windows shellcode development in Rust

☠️ The Pathwar Project ☠️

⛔️ offsec batteries included

Offensive tools as Dockerfiles. Lightweight & Ready to go

My OSCP journey

Work in progress...

A lockout aware password sprayer

Offensive Terraform Website

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)

Automated NoSQL database enumeration and web application exploitation tool.

C2/post-exploitation framework

Reverse shell generator

redteam.wiki

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.