red-team-engagement

There are 9 repositories under red-team-engagement topic.

BishopFox / sliver
Adversary Emulation Framework
security-tools implant golang dns-server http c2 command-and-control red-team red-teaming red-team-engagement adversarial-attacks adversary-simulation sliver gplv3 dns
Language:Go 7690
ivan-sincek / penetration-testing-cheat-sheet
Work in progress...
bug-bounty ethical-hacking offensive-security penetration-testing red-team-engagement security web web-penetration-testing
Language:PHP 586
tobor88 / PowerShell-Red-Team
Collection of PowerShell functions a Red Teamer may use in an engagement
privesc powershell-red-team powershell-functions ps1 sid-values cyber-security cybersecurity enum enumeration redteam redteaming red-team red-teamers red-team-engagement active-directory penetration-testing pentesting powershell
Language:PowerShell 463
ivan-sincek / php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
php reverse-tcp reverse-shell networking ethical-hacking security offensive-security windows linux macos oscp web-shell red-team-engagement penetration-testing web web-penetration-testing tcp bind-shell bind-tcp
Language:PHP 425
ivan-sincek / wifi-penetration-testing-cheat-sheet
Work in progress...
aircrack-ng bug-bounty ethical-hacking evil-twin offensive-security penetration-testing red-team-engagement security wifi wifi-penetration-testing wifi-pineapple
410
ivan-sincek / android-penetration-testing-cheat-sheet
Work in progress...
android android-penetration-testing bug-bounty ethical-hacking frida magisk mobile-penetration-testing mobsf objection offensive-security penetration-testing red-team-engagement security
Language:JavaScript 336
Sh0ckFR / DLLirant
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
redteam infosec vulnerability dll library red-team red-teaming red-team-engagement red-team-tools
316
ivan-sincek / invoker
Penetration testing utility and antivirus assessment tool.
ethical-hacking offensive-security penetration-testing red-team-engagement security windows windows-penetration-testing bytecode-injection c-plus-plus dll-injection hook-procedure process-ghosting process-hollowing access-token malware reverse-tcp sticky-keys system-calls task-scheduler dump-memory
Language:C++ 309
ivan-sincek / powershell-reverse-tcp
PowerShell scripts for communicating with a remote host.
powershell reverse-tcp bind-tcp reverse-shell bind-shell networking ethical-hacking security offensive-security red-team-engagement bug-bounty penetration-testing tcp defensive-security
Language:PowerShell 289
ivan-sincek / ios-penetration-testing-cheat-sheet
Work in progress...
bug-bounty ethical-hacking frida ios ios-penetration-testing mobile-penetration-testing mobsf objection offensive-security penetration-testing red-team-engagement security unc0ver
Language:JavaScript 270
lmco / dart
DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
penetration-testing dart red-team red-team-engagement documentation-tool documentation-generator offline
Language:Python 251
ivan-sincek / forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
ethical-hacking offensive-security penetration-testing security web web-penetration-testing bug-bounty 401 403 brute-force bypass curl open-redirect owasp-top-10 python red-team-engagement fuzzing broken-access-controls pycurl python-requests
Language:Python 220
Sh0ckFR / InlineWhispers2
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
redteam red-team red-teaming red-team-engagement red-team-tools syscall syscalls windows
Language:Assembly 172
gbiagomba / Sherlock
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
cyber-security cybersecurity red-team red-team-engagement red-teaming redteam redteaming security security-audit security-automation security-scanner security-team security-testing security-tools sherlock web-sec-scanner web-security websec websecurity
Language:Shell 82
ivan-sincek / evil-twin
Learn how to set up a fake authentication web page on a fake WiFi network.
evil-twin wifi-pineapple php html ethical-hacking security offensive-security kismet reaver wash tcpdump wifi red-team-engagement aircrack-ng bug-bounty wifi-penetration-testing
Language:PHP 79
ivan-sincek / keylogger
Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
c-plus-plus windows keylogger keyboard-hook-procedure ethical-hacking security offensive-security red-team-engagement bug-bounty malware reverse-engineering
Language:C++ 77
ivan-sincek / java-reverse-tcp
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
security networking reverse-shell java-8 offensive-security ethical-hacking bind-shell reverse-tcp bind-tcp web-shell log4j red-team-engagement bug-bounty penetration-testing web web-penetration-testing
Language:Java 54
pygrum / monarch
Monarch - The Adversary Emulation Toolkit
c2 command-and-control golang red-team-engagement red-teaming security-tools adversary-emulation implant red-team
Language:Go 46
sahadnk72 / jecretz
Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
sensitive-contents pentesting redteaming pentesting-tools red-team red-teaming security-tools security bugbounty penetration-testing penetration-testing-tools red-team-engagement red-teams red-teamers credentials-gathering credentials
Language:Python 40
david3107 / squatm3
Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques
osint security-tools cybersecurity reconnaissance penetration-testing typosquatting domains domain phishing red-team-engagement url homoglyphs
Language:Python 39
hexachordanu / Red-Team-Essentials
This repo will contain some basic pentest/RT commands.
cybersecurity pentesting powershell red-team red-team-engagement
Language:PowerShell 35
R00tendo / dnsnet
backdoor that uses dns to communicate
dns backdoorpython backdoor command-and-control python3 red-team-engagement
Language:Python 33
ivan-sincek / phishing-mobile-app
Phishing mobile application made in React Native for both Android and iOS devices.
react-native javascript phishing mobile-application android ios ethical-hacking security offensive-security red-team-engagement bug-bounty mobile-penetration-testing penetration-testing-tools
Language:JavaScript 30
ivan-sincek / xss-catcher
Simple API for storing all incoming XSS requests.
php api javascript cross-site-scripting cross-site-request-forgery ethical-hacking security offensive-security red-team-engagement bug-bounty cors cross-origin-resource-sharing csrf penetration-testing web web-penetration-testing xss blind-xss
Language:HTML 30
ice-wzl / wmiexec2
wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures from various AV engines. It also has a handful of additional built in modules to help automate some common tasks on Red team engagements.
antivirus hacking hacking-code hacking-tools malware python python-3 python-script python3 red-team red-team-engagement red-team-tools red-teaming
Language:Python 23
ivan-sincek / secure-website
Secure website with a registration, sign in, session management, and CRUD controls.
php website registration sign-in session-management crud-controls php-data-object css-flexbox apache hardening ssl-certificate tls-certificate ethical-hacking security offensive-security defensive-security penetration-testing red-team-engagement
Language:PHP 21
ivan-sincek / chad
Search Google Dorks like Chad. / Social media takeover tool.
bug-bounty chromium ethical-hacking google-dorking offensive-security penetration-testing playwright python red-team-engagement scrape security social-media threat-hunting threat-intelligence web web-penetration-testing extract google-dorks search-engine social-media-takeover
Language:Python 20
ivan-sincek / dns-exfiltrator
Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.
batch dns-query exfiltrator nslookup certutil ethical-hacking security offensive-security burp-collaborator-server wireshark red-team-engagement bug-bounty dns lolbas malware networking penetration-testing
Language:Batchfile 19
SchenLong / Porunga
Aerial platform for Recon, Intelligence and Pentesting. #R-KALI #Porunga
mavic hacking intelligence-gathering drones pentest-tool red-team red-team-engagement raspberry-pi-3 kali-linux kali-nethunter
16
safebuffer / edge-hot-delivery
edge --> powerpoint --> remote-file --> shell
redteaming red-team-engagement phishing
Language:HTML 15
Viralmaniar / Reg-Hives
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. Use it to copy SYSTEM, SECURITY and SAM hives and download them back to the attacker machines.
internal-pentest red-team-engagement security-tools registry-hacks password-hash
Language:Python 14
ivan-sincek / metagoofeel
Web crawler and downloader based on GNU Wget.
bash web-crawler downloader gnu-wget ethical-hacking security offensive-security bug-bounty red-team-engagement web web-penetration-testing
Language:Shell 13
mytechnotalent / 0x01-ARM-32-Hacking-Hello-World
ARM 32-bit Raspberry Pi Hacking Hello World example in Kali Linux.
arm assembler assembly assembly-language-programming assembly-language hacking hack reverse-engineering cyber cybersecurity cyber-threat-intelligence cyber-security-team red-team red-team-engagement iot reverse-engineer reverse-engineering-tutorial cyber-security radare2 radare
Language:Assembly 12
mytechnotalent / 0x02-ARM-32-Hacking-Int
ARM 32-bit Raspberry Pi Hacking Int example in Kali Linux.
arm assembler assembly assembly-language-programming reverse-engineering reverse-engineering-tutorial c assembly-language hacking hack cyber cybersecurity cyber-threat-intelligence cyber-security-team cyber-security red-team red-team-engagement iot radare2 radare
Language:C 11
ivan-sincek / jwt-bf
Brute force a JWT token. Script uses multithreading.
python security offensive-security ethical-hacking jwt cracking dictionary-attack bug-bounty penetration-testing red-team-engagement web web-penetration-testing brute-force
Language:Python 10
ivan-sincek / wordlist-extender
Extend wordlist by appending digits and special characters to each word.
bug-bounty cracking dictionary-attack ethical-hacking offensive-security penetration-testing python red-team-engagement security wordlist wordlist-extender wordlist-generator fuzzing brute-force
Language:Python 9

red-team-engagement

BishopFox / sliver

ivan-sincek / penetration-testing-cheat-sheet

tobor88 / PowerShell-Red-Team

ivan-sincek / php-reverse-shell

ivan-sincek / wifi-penetration-testing-cheat-sheet

ivan-sincek / android-penetration-testing-cheat-sheet

Sh0ckFR / DLLirant

ivan-sincek / invoker

ivan-sincek / powershell-reverse-tcp

ivan-sincek / ios-penetration-testing-cheat-sheet

lmco / dart

ivan-sincek / forbidden

Sh0ckFR / InlineWhispers2

gbiagomba / Sherlock

ivan-sincek / evil-twin

ivan-sincek / keylogger

ivan-sincek / java-reverse-tcp

pygrum / monarch

sahadnk72 / jecretz

david3107 / squatm3

hexachordanu / Red-Team-Essentials

R00tendo / dnsnet

ivan-sincek / phishing-mobile-app

ivan-sincek / xss-catcher

ice-wzl / wmiexec2

ivan-sincek / secure-website

ivan-sincek / chad

ivan-sincek / dns-exfiltrator

SchenLong / Porunga

safebuffer / edge-hot-delivery

Viralmaniar / Reg-Hives

ivan-sincek / metagoofeel

mytechnotalent / 0x01-ARM-32-Hacking-Hello-World

mytechnotalent / 0x02-ARM-32-Hacking-Int

ivan-sincek / jwt-bf

ivan-sincek / wordlist-extender