Red Team
Browse 478 red team tools
FEATURED
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.
MITRE Caldera™ is an automated adversary emulation platform built on the MITRE ATT&CK framework that supports red team operations and incident response activities through a modular C2 server and plugin architecture.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A reconnaissance tool that analyzes expired domains for categorization, reputation, and Archive.org history to identify candidates suitable for phishing and C2 operations.
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
Pupy is an open-source, cross-platform C2 framework that provides remote access and control capabilities for compromised systems across Windows, Linux, OSX, and Android platforms.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
TikiTorch is a process injection tool that executes code within the address space of other processes using various injection techniques.
PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
