Red Team
Explore 86 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
An automated red teaming and security testing platform that continuously evaluates conversational AI applications for vulnerabilities and compliance with security standards.
A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A compilation of Red Teaming resources including cheatsheets, notes, scripts, and practice platforms for cybersecurity learning and skill development.
A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A framework for testing and exploiting race conditions in software
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
An active and aggressive honeypot tool for network security.
Introduction to using GScript for Red Teams
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Redboto is a collection of scripts for red team operations against the AWS API.
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
Technique used to forward one URL to another.
Local pentest lab using docker compose to spin up victim and attacker services.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment
A lightweight, first-stage C2 implant written in Nim for remote access and control.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Adversary emulation framework for testing security measures in network environments.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Create a vulnerable active directory for testing various Active Directory attacks.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A technique for social engineering and untrusted command execution using ClickOnce technology
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A C#-based Command and Control Framework for remote access and control of compromised systems.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
A ruby script that scans for vulnerable 3rd-party web applications
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable reporting solution for penetration testers and red teamers to streamline their security assessments.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A guide to bypassing RFID card reader security mechanisms using specialized hardware
Back-end component for red team operations with crucial design considerations.