redteam-tools

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

⬆ ☠ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Cyber Security ALL-IN-ONE Platform

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

A curated list of cybersecurity tools and resources.

一款适用于红蓝对抗中的仿真钓鱼系统

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

OffSec OSINT Pentest/RedTeam Tools

An IIS short filename enumeration tool

Dangerously fast DNS/network/port scanner

All-in-One Toolkit for BruteForce Attacks

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

a tool to help operate in EDRs' blind spots

ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集，用来进行渗透测试，密码学研究，CTF和日常使用。

A tool that shows detailed information about named pipes in Windows

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)