Stars
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
本项目制作的初衷是帮助渗透新手快速搭建工作环境,工欲善其事,必先利其器。
渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理
Hysteria is a powerful, lightning fast and censorship resistant proxy.
venom - C2 shellcode generator/compiler/handler
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, co…
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point.
Network topology collector and visualizer. Collects network topology data from dynamic mesh routing protocols or other popular networking software like OpenVPN, allows to visualize the network grap…
Adversary simulation and Red teaming platform with AI
Tools & Interesting Things for RedTeam Ops
A Ruby framework designed to aid in the penetration testing of WordPress systems.
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
Build Virtual Machine Image from Dockerfile or Docker image
attacksurge / ax
Forked from pry0cc/axiomThe Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cl…
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
A Security Tool for Bug Bounty, Pentest and Red Teaming.