81 tools and resources
A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A framework for testing and exploiting race conditions in software
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
An active and aggressive honeypot tool for network security.
Introduction to using GScript for Red Teams
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Redboto is a collection of scripts for red team operations against the AWS API.
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
Technique used to forward one URL to another.
Local pentest lab using docker compose to spin up victim and attacker services.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment
A lightweight, first-stage C2 implant written in Nim for remote access and control.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Adversary emulation framework for testing security measures in network environments.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Create a vulnerable active directory for testing various Active Directory attacks.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A technique for social engineering and untrusted command execution using ClickOnce technology
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
An easy to set up SSH honeypot for logging SSH connections and activity.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A C#-based Command and Control Framework for remote access and control of compromised systems.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
A ruby script that scans for vulnerable 3rd-party web applications
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable reporting solution for penetration testers and red teamers to streamline their security assessments.
DNS spoofer tool for redirecting DNS lookup requests.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A guide to bypassing RFID card reader security mechanisms using specialized hardware
Back-end component for red team operations with crucial design considerations.
