#Red-team-engagement
Showing 29 of 29 repositories tagged #red-team-engagement, ranked by stars
Adversary Emulation Framework
Work in progress...
PHP shells that work on Linux OS, macOS, and Windows OS.
Collection of PowerShell functions a Red Teamer may use in an engagement
Work in progress...
Work in progress...
Work in progress...
[ BOF-LAUNCHER ] -> an API for loading, executing and in-memory masking BOFs on Windows and Linux for use in C/Zig/Go/Rust agents/implants. [ Z-BEAC0N ] -> a custom-written stage-1 (aka pre-C2) solution engineered with a small footprint, stealth and modularity in mind. [ DEVELOPED BOFS ] -> cross-platform (12), Linux-only (10), Win-only (2)
Penetration testing utility and antivirus assessment tool.
PowerShell scripts for communicating with a remote host.
DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures from various AV engines. It also has a handful of additional built in modules to help automate some common tasks on Red team engagements.
Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
Simple API for storing all incoming XSS requests and various XSS templates.
Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques
This repo will contain some basic pentest/RT commands.
Search Google Dorks like Chad. / Broken link hijacking tool.
Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.
Secure website with a registration, sign in, session management, and CRUD controls.
Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.
Web crawler and scraper based on Scrapy and Playwright's headless browser.
Not another Google searching tool.
Autonomous Black-Box Pentesting for Web Applications.
Extend wordlist by appending digits and special characters to each word.