Trending repositories for topic redteam-tools

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

Cyber Security ALL-IN-ONE Platform

An IIS short filename enumeration tool

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

OffSec OSINT Pentest/RedTeam Tools

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

All-in-One Toolkit for BruteForce Attacks

impacket-gui

A tool that shows detailed information about named pipes in Windows

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

An IIS short filename enumeration tool

All-in-One Toolkit for BruteForce Attacks

impacket-gui

OffSec OSINT Pentest/RedTeam Tools

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

A tool that shows detailed information about named pipes in Windows

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

Cyber Security ALL-IN-ONE Platform

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Cyber Security ALL-IN-ONE Platform

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

OffSec OSINT Pentest/RedTeam Tools

All-in-One Toolkit for BruteForce Attacks

a tool to help operate in EDRs' blind spots

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

Halberd : Multi-Cloud Attack Tool

A tool that shows detailed information about named pipes in Windows

A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication

Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Halberd : Multi-Cloud Attack Tool

Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.

All-in-One Toolkit for BruteForce Attacks

a tool to help operate in EDRs' blind spots

OffSec OSINT Pentest/RedTeam Tools

A tool that shows detailed information about named pipes in Windows

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

impacket-gui

AI-Powered Ethical Hacking Assistant

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Cyber Security ALL-IN-ONE Platform

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

Cyber Security ALL-IN-ONE Platform

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

OffSec OSINT Pentest/RedTeam Tools

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

An IIS short filename enumeration tool

All-in-One Toolkit for BruteForce Attacks

Halberd : Multi-Cloud Attack Tool

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

AI-Powered Ethical Hacking Assistant

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

a tool to help operate in EDRs' blind spots

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

mapAccountHijack is a tool designed to carry out a MAP Account hijack attack, which exploits the Message Access Profile (MAP) in Bluetooth Classic, enables the theft of MFA and OTPs leading to the suc...

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

Halberd : Multi-Cloud Attack Tool

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

TokenCert

All-in-One Toolkit for BruteForce Attacks

Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.

AI-Powered Ethical Hacking Assistant

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

A command and control (C2) server

Youtube as C2 channel - Control Windows systems uploading QR videos to Youtube

Red Team tool for exfiltrating files from a target's Google Drive that you have access to, via Google's API.

Process Injection via Component Object Model (COM) IRundown::DoCallback().

OffSec OSINT Pentest/RedTeam Tools

A WLAN red team framework.

An IIS short filename enumeration tool

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

All-in-One Toolkit for BruteForce Attacks

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

Perfect DLL Proxying using forwards with absolute paths.

Halberd : Multi-Cloud Attack Tool

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

一键生成免杀木马的 shellcode 免杀框架

Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.

The Most Advanced Client-Side Prototype Pollution Scanner

A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON

TokenCert

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

FTP lnk调用pythonw程序，用于攻防钓鱼场景下免杀运行捆绑木马文件

mapAccountHijack is a tool designed to carry out a MAP Account hijack attack, which exploits the Message Access Profile (MAP) in Bluetooth Classic, enables the theft of MFA and OTPs leading to the suc...

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

Cyber Security ALL-IN-ONE Platform

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...

OffSec OSINT Pentest/RedTeam Tools

An IIS short filename enumeration tool

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

All-in-One Toolkit for BruteForce Attacks

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

Halberd : Multi-Cloud Attack Tool

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

市场上虽然存在大量的网络安全工具和软件，但它们大多针对某一特定领域或功能，缺乏一个统一的、集成的、易于使用的综合工具平台。这导致参赛者在CTF竞赛中需要频繁切换不同的工具，不仅降低了工作效率，还增加了操作失误的风险。由gitee转发 ↓

AI-Powered Ethical Hacking Assistant

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

All-in-One Toolkit for BruteForce Attacks

The Most Advanced Client-Side Prototype Pollution Scanner

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

TokenCert

A C# implementation of dumping credentials from Windows Credential Manager

FTP lnk调用pythonw程序，用于攻防钓鱼场景下免杀运行捆绑木马文件

WEB-Wordlist-Generator creates related wordlists after scanning your web applications.

Perfect DLL Proxying using forwards with absolute paths.

Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.

一款基于 gopacket 编写的 ICMP 反弹 shell 工具

A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python

An IIS short filename enumeration tool

OffSec OSINT Pentest/RedTeam Tools

Remote Template Injection Toolkit

Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.