Trending repositories for topic redteam-tools
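A tool built on the APIs of the major enterprise-information providers, addressing the various difficulties of collecting information on companies in China. Collects, aggregates and exports in one step the ICP filings, apps, mini programs, WeChat official accounts and other information of holding companies.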
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
An online AV evasion platform written in Springboot (Golang, Nim, C) that supports embedded, local and remote loading of Shellcode methods.
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among conn...
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
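Asset discovery and identification tools. Quickly identifies web fingerprint information and determines asset types. Helps red teams quickly locate target asset information and helps blue teams discover suspected weak points.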
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
Perfect DLL Proxying using forwards with absolute paths.
pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Local privilege escalation via PetitPotam (Abusing impersonate privileges).
Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data
Red Team tool for exfiltrating files from a target's Google Drive that you have access to, via Google's API.
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurring f...
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
A C# implementation of dumping credentials from Windows Credential Manager
Youtube as covert-channel - Control Windows systems remotely and execute commands by uploading videos to Youtube
WEB-Wordlist-Generator creates related wordlists after scanning your web applications.
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes
A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication
Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments