Ethical hacking tools and resources for penetration testing and red team operations. Task: Red TeamExplore 53 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
NetSPI Breach and Attack Simulation as a Service validates security control effectiveness through expert-led attack simulations mapped to the MITRE ATT&CK framework.
NetSPI Breach and Attack Simulation as a Service validates security control effectiveness through expert-led attack simulations mapped to the MITRE ATT&CK framework.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A framework for testing and exploiting race conditions in software
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Introduction to using GScript for Red Teams
Redboto is a collection of scripts for red team operations against the AWS API.
Redboto is a collection of scripts for red team operations against the AWS API.
Local pentest lab using docker compose to spin up victim and attacker services.
Local pentest lab using docker compose to spin up victim and attacker services.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Adversary emulation framework for testing security measures in network environments.
Adversary emulation framework for testing security measures in network environments.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A technique for social engineering and untrusted command execution using ClickOnce technology
A technique for social engineering and untrusted command execution using ClickOnce technology