redteam-tools

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

⬆ ☠ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Cyber Security ALL-IN-ONE Platform

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

一款适用于红蓝对抗中的仿真钓鱼系统

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

A curated list of cybersecurity tools and resources.

OffSec OSINT Pentest/RedTeam Tools

An IIS short filename enumeration tool

Dangerously fast DNS/network/port scanner

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

a tool to help operate in EDRs' blind spots

All-in-One Toolkit for BruteForce Attacks

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集，用来进行渗透测试，密码学研究，CTF和日常使用。

一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集，降低红队技术门槛的手册【持续更新】

A tool that shows detailed information about named pipes in Windows