686 Open source projects that are alternatives of or similar to Redteam_vul

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Network Pivoting Toolkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Awesome cloud enumerator

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Collection of quality safety articles. Awesome articles.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

记录自己编写、修改的部分工具

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🔺 Red Team Hardware Toolkit 🔺

OSINT

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

The goal of this repository is to document the most common techniques to bypass AppLocker.

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

An OSINT tool to gather information about the real owner of a phone number

A collection of electronic hacker magazines carefully curated over the years from multiple sources

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

A set of recipes useful in pentesting and red teaming scenarios

Infection vector that bypasses AV, IDS, and IPS. (For now...)

🎬 A curated list of movies every hacker & cyberpunk must watch.

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

FAQ del mundo de la seguridad informática en español.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Single Page Cheatsheet for common MSF Venom One Liners

🪓 a multi-threaded, low-bandwidth HTTP DOS tool

BlackRAT - Java Based Remote Administrator Tool

Venom - A Multi-hop Proxy for Penetration Testers

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

Black Worm Offical Repo

Fast browser-based network discovery module

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Miscellaneous exploit code

A list to discover work of red team tooling and methodology for penetration testing and security assessment

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

A social experiment

The Collective. A repo for a collection of red-team projects found mostly on Github.

Script collection to bypass Network Access Control (NAC, 802.1x)

Pillage filesystems for sensitive information with Go.

✔️ CTF problems and solutions solved by Qwaz

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.

ssh management tool to provides commandline access to a remote system running SSH server

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Riscure Hack Me embedded hardware CTF 2017-2018.

XSHOCK Shellshock Exploit

游戏外挂通用框架，快速构建外挂程序。

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection