red-team

There are 108 repositories under red-team topic.

• samratashok / nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  activedirectoryhackinginfosecnishangpenetration-testingpowershellred-teamredteamsecurity
  Language:PowerShell 6748

• infosecn1nja / Red-Teaming-Toolkit

  This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

  hackinginfosecpentestingred-team
  6433

• quasar / Quasar

  Remote Administration Tool for Windows

  administrationc-sharpdotnetmononetprotobufratred-teamremoteremote-controlremote-desktopsecuritywindows
  Language:C# 5758

• rmusser01 / Infosec_Reference

  An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  blueteamforensicshackinghacking-simulatorhacktoberfesthacktoberfest2021information-securityinfosecinfosec-referencelinuxosxpenetration-testingpentestingprivilege-escalationprivilege-escalation-exploitsred-teamreferencesreverse-engineeringwindows
  Language:CSS 4491
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderasecurity-automationred-teammitremitre-attacksecurity-testingmitre-corporationcybersecurityhacking
  Language:Python 3674
• Hack-Tools

  LasCC / Hack-Tools

  The all-in-one Red Team extension for Web Pentester 🛠

  chrome-extensioncybersecurityfirefox-addonhackhack-toolshackbarhackinghacking-toolshacktoolsmetasploitmsfvenompayloadspentest-toolpentestingred-teamred-teamingreverse-shellweb-pentestersxss-payloads
  Language:TypeScript 3609
• cve

  trickest / cve

  Gather and update all available and newest CVEs with their PoC.

  cvecve-pocexploithackinginfoseclatest-cvepenetration-testingpentestingpocred-teamsecuritysecurity-toolssoftware-securitysoftware-vulnerabilitiessoftware-vulnerabilityvulnerabilitiesvulnerability
  Language:HTML 3532

• BishopFox / sliver

  Adversary Emulation Framework

  adversarial-attacksadversary-simulationc2command-and-controldnsdns-servergolanggplv3httpimplantred-teamred-team-engagementred-teamingsecurity-toolssliver
  Language:Go 3406

• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  Wiki to collect Red Team infrastructure hardening resources

  infrastructureredirectorcobalt-strikeempirered-teampentesting
  3261

• cobbr / Covenant

  Covenant is a collaborative .NET C2 framework for red teamers.

  c2covenantdotnetdotnet-corered-team
  Language:C# 3165

• Trusted-AI / adversarial-robustness-toolbox

  Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

  pythonattackadversarial-machine-learningpoisoningtrusted-aiartificial-intelligenceextractionadversarial-attacksadversarial-examplesevasioninferenceprivacyaitrustworthy-aired-teamblue-teammachine-learning
  Language:Python 3158

• leebaird / discover

  Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

  red-teambashnmapmetasploitscanningosintreconkali-linuxpayload-generatorreconnaissanceinformation-gatheringpenetration-testing
  Language:PowerShell 2761

• lcvvvv / kscan

  Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹2000+，暴力破解协议10余种。

  brute-forcebruteforceexploitfingerprintpentestred-teamredteamscannersecuritywebscan
  Language:Go 2088

• skerkour / black-hat-rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  auditbeaconbug-bountybug-huntingc2hackinginfosecoffensive-securitypentestpentestingphishingred-teamrustscannersecuritysecurity-toolsshellcodestrojanviruswasm
  Language:Rust 1891

• bats3c / shad0w

  A post exploitation framework designed to operate covertly on heavily monitored environments

  shad0wc2red-teamcdockerdotnetshellcode
  Language:C 1768
• gitjacker

  liamg / gitjacker

  🔪 :octocat: Leak git repositories from misconfigured websites

  githackingpenetration-testingpentestingred-team
  Language:Go 1428
• Khepri

  geemion / Khepri

  Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.

  backdoorbeaconc2cobalt-strikecobaltstrikecross-platformgolanggrpclinuxmacosmacosxpost-exploitationqtratred-teamredteamtrojanwindows
  Language:C++ 1342

• TryCatchHCF / Cloakify

  CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

  cipherdata-exfiltrationhackingpentestingexfiltrationsteganographycryptographydlpav-evasionprivacysecuritysecurity-toolsinfosecred-teampentestpentest-toolhacking-toolhacking-toolspentest-toolsstego
  Language:Python 1309

• harleyQu1nn / AggressorScripts

  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

  cnaaggressor-scriptsred-teamscriptsaggressorcobalt-strike
  Language:C# 1265

• WangYihang / Platypus

  :hammer: A modern multiple reverse shell sessions manager written in go

  attack-defensectfpentestingpentesting-toolsred-teamreverse-shellreverse-shell-as-a-service
  Language:Go 1062
• pi-pwnbox-rogueap

  koutto / pi-pwnbox-rogueap

  Homemade Pwnbox :rocket: / Rogue AP :satellite: based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap :bulb:

  cheatsheethackinghacking-cheasheethacking-toolsmindmapmitm-attackspwnboxraspberry-pired-teamrogueapwifiwifi-hackingwifi-security
  Language:Shell 1026

• Arvanaghi / SessionGopher

  SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

  pentestingred-teamwindowsregistrypowershellartifacts
  Language:PowerShell 969

• Bashfuscator / Bashfuscator

  A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  bashlinuxlinux-shellobfuscationred-teamblue-teamevasionincident-responseinfosec
  Language:Python 968

• gobysec / Goby

  Attack surface mapping

  vulnerability-researchscan-toolsecuritysecurity-toolshackingnetworkingportscanningcveexppentestingexploitcve-2020-2551cve-2021-27065cve-2021-25646cve-2021-26295cve-2021-21972red-teamcve-2021-30128cve-2021-34473proxyshell
  965
• inceptor

  klezVirus / inceptor

  Template-Driven AV/EDR Evasion Framework

  obfuscationpinvokedinvokecode-injectionprocess-injectionav-bypassamsi-bypassav-evasionedr-bypasspe-packeramsi-evasionred-teamred-teamingav-edr-bypasspayload-generator
  Language:Assembly 953
• AutoRDPwn

  JoelGMSec / AutoRDPwn

  The Shadow Attack Framework

  powershellrdpshadowattackpentestingred-teamwindows
  Language:PowerShell 883

• TryCatchHCF / DumpsterFire

  "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

  pentestinghackinghacking-toolpentest-toolautomationsecuritysecurity-toolsinfosecpentestred-teamblue-teamred-teamsblue-teamspentest-toolshacking-tools
  Language:Python 879
• BlackMamba

  loseys / BlackMamba

  C2/post-exploitation framework

  pyqt5python3spywarepost-exploitationpentestpentest-tooloffensive-securityred-teamsecurity-toolscommand-and-controlqtframeworkpython
  Language:Python 851

• Puliczek / CVE-2021-44228-PoC-log4j-bypass-words

  🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

  securityexploitlog4jhackingcybersecuritywriteupsbugbountycvepentestpayloadred-teambugbounttipsbugbounty-writeupssecurity-writeupspentestingcve-2021-44228cve-2021-45046cve-2021-45105poc
  Language:Java 840

• Viralmaniar / BigBountyRecon

  BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

  osintreconreconnaissancecybersecurityoffensive-securitypentestingpentest-toolbugbountybugbounty-toolbugbountytipsred-teamred-teamingblue-teampurple-teampurple-teams
  Language:C# 819
• DeimosC2

  DeimosC2 / DeimosC2

  DeimosC2 is a Golang command and control framework for post-exploitation.

  security-toolsgolangc2red-teamquichttpsdohinfosechacktoberfest
  Language:Vue 775

• Puliczek / awesome-list-of-secrets-in-environment-variables

  🦄🔒 Awesome list of secrets in environment variables 🖥️

  blue-teambugbounttipsbugbountycve-2021-44228cybersecurityexploitlog4jpentestingpocred-teamsecuritysecurity-writeupswriteups
  733
• Ghostwriter

  GhostManager / Ghostwriter

  The SpecterOps project management and reporting engine

  reportingpenetration-testingred-teaminformationsecurity
  Language:Python 726

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  adversary-emulationctidcyber-threat-intelligencecybersecuritymitre-attackred-teamthreat-informed-defense
  Language:C 696

• bluscreenofjeff / AggressorScripts

  Aggressor scripts for use with Cobalt Strike 3.0+

  red-teambeaconcobalt-strikeaggressor-scriptsccdccna
  674
• DcRat

  qwqdanchun / DcRat

  A simple remote tool in C#.

  ratremotedcratred-teambackdoorwindowsc-sharpsecurityremote-controldotnetremote-desktopcontrolinfosec
  Language:C# 640