Trending repositories for topic redteam-tools
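A tool built on the APIs of major enterprise-information providers that addresses the difficulties of collecting information on companies in China. In one step it collects, aggregates and exports ICP filings, apps, mini programs, WeChat official accounts and other information for controlled companies.
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners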
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...
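⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Although the market offers a large number of network security tools and software, most of them target one specific area or function, and there is no unified, integrated, easy-to-use comprehensive tool platform. As a result, CTF competitors have to switch between tools frequently, which lowers efficiency and raises the risk of operating mistakes. Forwarded from Gitee ↓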
Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
Dump lsass using only NTAPIs running 3 programs to create 3 JSON and 1 ZIP file... and generate the MiniDump later!
Dump lsass using only Native APIs by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
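Asset discovery and identification tools. Quickly identifies web fingerprint information and determines asset types; helps red teams quickly locate target asset information and helps blue teams find suspected weak points.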
A tool that shows detailed information about named pipes in Windows
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel wit...
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use.
Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
Perfect DLL Proxying using forwards with absolute paths.
A turbo traffic generator pentesting tool to generate random traffic with random MAC and IP addresses in addition to random sequence numbers to a particular IP and port.
YouTube as C2 channel - Control Windows systems by uploading videos to YouTube
An online AV evasion platform written in Springboot (Golang, Nim, C) that supports embedded, local and remote loading of shellcode.
Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data
mapAccountHijack is a tool designed to carry out a MAP Account hijack attack, which exploits the Message Access Profile (MAP) in Bluetooth Classic, enables the theft of MFA and OTPs leading to the suc...
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
A C# implementation of dumping credentials from Windows Credential Manager
WEB-Wordlist-Generator creates related wordlists after scanning your web applications.
🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication
🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.