red-team

There are 175 repositories under red-team topic.

• infosecn1nja / Red-Teaming-Toolkit

  This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

  hackinginfosecpentestingred-team
  8681

• samratashok / nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  activedirectoryhackinginfosecnishangpenetration-testingpowershellred-teamredteamsecurity
  Language:PowerShell 8486

• quasar / Quasar

  Remote Administration Tool for Windows

  administrationc-sharpdotnetmononetprotobufratred-teamremoteremote-controlremote-desktopsecuritywindows
  Language:C# 8347

• BishopFox / sliver

  Adversary Emulation Framework

  security-toolsimplantgolangdns-serverhttpc2command-and-controlred-teamred-teamingred-team-engagementadversarial-attacksadversary-simulationslivergplv3dns
  Language:Go 7898

• trickest / cve

  Gather and update all available and newest CVEs with their PoC.

  poccvecve-poclatest-cvevulnerabilityvulnerabilitiessoftware-vulnerabilitiessoftware-securityexploitsecurityinfosechackingpentestingpenetration-testingred-teamsecurity-toolssoftware-vulnerability
  Language:HTML 6270
• RedTeam-Tools

  A-poc / RedTeam-Tools

  Tools and Techniques for Red Team / Penetration Testing

  cheatsheetcybersecurityenumerationhackinglinuxmitre-attackpayloadpenetration-testingpentestpentest-toolsred-teamred-team-toolsredteamresourcessecurity-toolstoolswindows
  5449

• rmusser01 / Infosec_Reference

  An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  blueteamforensicshackinghacking-simulatorhacktoberfesthacktoberfest2021information-securityinfosecinfosec-referencelinuxosxpenetration-testingpentestingprivilege-escalationprivilege-escalation-exploitsred-teamreferencesreverse-engineeringwindows
  Language:CSS 5423
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 5331

• Trusted-AI / adversarial-robustness-toolbox

  Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

  pythonattackadversarial-machine-learningpoisoningtrusted-aiartificial-intelligenceextractionadversarial-attacksadversarial-examplesevasioninferenceprivacyaitrustworthy-aired-teamblue-teammachine-learning
  Language:Python 4600

• cobbr / Covenant

  Covenant is a collaborative .NET C2 framework for red teamers.

  c2covenantdotnetdotnet-corered-team
  Language:C# 4049

• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  Wiki to collect Red Team infrastructure hardening resources

  infrastructureredirectorcobalt-strikeempirered-teampentesting
  3976

• lcvvvv / kscan

  Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

  redteamscannerbruteforcebrute-forcepentestexploitred-teamsecuritywebscanfingerprint
  Language:Go 3738

• leebaird / discover

  Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

  red-teambashnmapmetasploitscanningosintreconkali-linuxpayload-generatorreconnaissanceinformation-gatheringenumerationpentesting
  Language:PowerShell 3373

• skerkour / black-hat-rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  rustsecuritypentestpentestingoffensive-securityred-teamauditbeaconc2bug-bountybug-huntingwasmshellcodesscannerphishingtrojanvirushackinginfosecsecurity-tools
  Language:Rust 3086
• RedEye

  cisagov / RedEye

  RedEye is a visual analytic tool supporting Red & Blue Team operations

  blue-teamcybersecurityred-team
  Language:TypeScript 2630
• NetExec

  Pennyw0rth / NetExec

  The Network Execution Tool

  hackingpentestpentest-toolpentest-toolspentestingpythonpython3red-teamactive-directoryinfosecsecuritysecurity-toolsinfosectoolsnetworkswindows
  Language:Python 2561

• bats3c / shad0w

  A post exploitation framework designed to operate covertly on heavily monitored environments

  cc2dockerdotnetred-teamshad0wshellcode
  Language:C 2013

• Idov31 / Nidhogg

  Nidhogg is an all-in-one simple to use rootkit.

  cppcybersecurityinfoseckernelred-teamredteamrootkitwindowswindows-rootkitscyber-securitydriver
  Language:C++ 1652
• pi-pwnbox-rogueap

  koutto / pi-pwnbox-rogueap

  Homemade Pwnbox :rocket: / Rogue AP :satellite: based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap :bulb:

  pwnboxrogueapwifi-hackingwifi-securityred-teammitm-attackswifihackinghacking-toolsraspberry-picheatsheetmindmaphacking-cheasheet
  Language:Shell 1620

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  ctidcybersecuritythreat-informed-defensemitre-attackred-teamcyber-threat-intelligenceadversary-emulationadversary-emulation-plans
  Language:C 1599

• Bashfuscator / Bashfuscator

  A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  bashlinuxlinux-shellobfuscationred-teamblue-teamevasionincident-responseinfosec
  Language:Python 1541
• gitjacker

  liamg / gitjacker

  🔪 :octocat: Leak git repositories from misconfigured websites

  githackingpenetration-testingpentestingred-team
  Language:Go 1535
• inceptor

  klezVirus / inceptor

  Template-Driven AV/EDR Evasion Framework

  amsi-bypassamsi-evasionav-bypassav-edr-bypassav-evasioncode-injectiondinvokeedr-bypassobfuscationpayload-generatorpe-packerpinvokeprocess-injectionred-teamred-teaming
  Language:Assembly 1528

• TryCatchHCF / Cloakify

  CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

  cipherdata-exfiltrationhackingpentestingexfiltrationsteganographycryptographydlpav-evasionprivacysecuritysecurity-toolsinfosecred-teampentestpentest-toolhacking-toolhacking-toolspentest-toolsstego
  Language:Python 1514

• harleyQu1nn / AggressorScripts

  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

  aggressoraggressor-scriptscnacobalt-strikered-teamscripts
  Language:C# 1461

• WangYihang / Platypus

  :hammer: A modern multiple reverse shell sessions manager written in go

  attack-defensectfpentestingpentesting-toolsred-teamreverse-shellreverse-shell-as-a-service
  Language:Go 1461

• gobysec / Goby

  Attack surface mapping

  vulnerability-researchscan-toolsecuritysecurity-toolshackingnetworkingportscanningcveexppentestingexploitred-teamproxyshellcve-2023-22527cve-2024-0204cve-2024-20931cve-2024-21887cve-2024-21893cve-2024-23897cve-2024-25600
  1360

• 0xmaximus / Galaxy-Bugbounty-Checklist

  Tips and Tutorials for Bug Bounty and also Penetration Tests.

  bugbountybughackeronebugbountytricksbugbounty-toolbugbountytipsbugbounty-reportsbugbounty-checklistbugcrowdbugsethical-hackingethical-hackerred-teamred-teamingvulnerabilitiesvulnerability
  1350

• m3n0sd0n4ld / GooFuzz

  GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

  bash-scriptbugbountyfuzzinghackinginfosecosintpenetration-testingpentestingreconred-teamsubdomaingoogle-dorksreconnaissancediscoveryinformation-disclosure
  Language:Shell 1281
• Ghostwriter

  GhostManager / Ghostwriter

  The SpecterOps project management and reporting engine

  reportingpenetration-testingred-teaminformationsecurity
  Language:Python 1229

• Arvanaghi / SessionGopher

  SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

  artifactspentestingpowershellred-teamregistrywindows
  Language:PowerShell 1180

• trickest / inventory

  Asset inventory of over 800 public bug bounty programs.

  securitybugbountybugbountytipsinfosecreconnaissancereconpentestinghackingsecurity-toolsred-teampenetration-testingsoftware-securitypentest-toolosintosint-toolosint-resourcesthreat-intelligencebug-bountyfuzzing
  Language:Shell 1163

• Viralmaniar / BigBountyRecon

  BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

  blue-teambugbountybugbounty-toolbugbountytipscybersecurityoffensive-securityosintpentest-toolpentestingpurple-teampurple-teamsreconreconnaissancered-teamred-teaming
  Language:C# 1154
• DeimosC2

  DeimosC2 / DeimosC2

  DeimosC2 is a Golang command and control framework for post-exploitation.

  c2dohgolanghacktoberfesthttpsinfosecquicred-teamsecurity-tools
  Language:Vue 1084
• AutoRDPwn

  JoelGMSec / AutoRDPwn

  The Shadow Attack Framework

  attackpentestingpowershellrdpred-teamshadowwindows
  Language:PowerShell 1058
• BlackMamba

  loseys / BlackMamba

  C2/post-exploitation framework

  command-and-controloffensive-securitypentestpentest-toolpost-exploitationpyqt5pythonpython3qtframeworkred-teamsecurity-toolsspyware
  Language:Python 1000