Interesting Stuff

Red Team Tools (Github)

iStuff

Red Team Tools (Github) catalogs a collection of open-source offensive security tools organized by operational phase, spanning reconnaissance through exfiltration. The list highlights widely used frameworks and utilities across categories such as phishing delivery, credential dumping, and C2, with links to each project’s Github page #Mimikatz #GoPhish #Evilginx2 #Empire #Sliver

Keypoints

  • The article lists a broad set of open-source red-team tools across stages from recon to exfiltration.
  • Many entries are GitHub repositories, underscoring community-driven tooling.
  • Credential dumping and phishing delivery tools appear prominently.
  • The collection includes both defense evasion and C2 frameworks.
  • Each tool is grouped by operational phase, emphasizing a modular approach to red-teaming.

πŸ”΄ RECONNAISSANCE:

  • RustScan ==> https://github.com/bee-san/RustScan
  • NmapAutomator ==> https://github.com/21y4d/nmapAutomator
  • AutoRecon ==> https://github.com/Tib3rius/AutoRecon
  • Amass ==> https://github.com/OWASP/Amass
  • CloudEnum ==> https://github.com/initstring/cloud_enum
  • Recon-NG ==> https://github.com/lanmaster53/recon-ng
  • AttackSurfaceMapper ==> https://github.com/superhedgy/AttackSurfaceMapper
  • DNSDumpster ==> https://dnsdumpster.com/

πŸ”΄ INITIAL ACCESS:

  • SprayingToolKit ==> https://github.com/byt3bl33d3r/SprayingToolkit
  • o365Recon ==> https://github.com/nyxgeek/o365recon
  • Psudohash ==> https://github.com/t3l3machus/psudohash
  • CredMaster ==> https://github.com/knavesec/CredMaster
  • DomainPasswordSpray ==> https://github.com/dafthack/DomainPasswordSpray
  • TheSprayer ==> https://github.com/coj337/TheSprayer
  • TREVORspray ==> https://github.com/blacklanternsecurity/TREVORspray

πŸ”΄ DELIVERY:

  • o365AttackToolKit ==> https://github.com/mdsecactivebreach/o365-attack-toolkit
  • EvilGinx2 ==> https://github.com/kgretzky/evilginx2
  • GoPhish ==> https://github.com/gophish/gophish
  • PwnAuth ==> https://github.com/mandiant/PwnAuth
  • Modlishka ==> https://github.com/drk1wi/Modlishka

πŸ”΄ COMMAND AND CONTROL:

  • PoshC2 ==> https://github.com/nettitude/PoshC2
  • Sliver ==> https://github.com/BishopFox/sliver
  • SILENTTRINITY ==> https://github.com/byt3bl33d3r/SILENTTRINITY
  • Empire ==> https://github.com/BC-SECURITY/Empire
  • AzureC2Relay ==> https://github.com/Flangvik/AzureC2Relay
  • Havoc C2 ==> https://github.com/HavocFramework/Havoc
  • Mythic C2 ==> https://github.com/its-a-feature/Mythic

πŸ”΄ CREDENTIAL DUMPING:

  • MimiKatz ==> https://github.com/gentilkiwi/mimikatz
  • HekaTomb ==> https://github.com/Processus-Thief/HEKATOMB
  • SharpLAPS ==> https://github.com/swisskyrepo/SharpLAPS
  • Net-GPPPassword ==> https://github.com/outflanknl/Net-GPPPassword
  • PyPyKatz ==> https://github.com/skelsec/pypykatz

πŸ”΄ PRIVILEGE ESCALATION:

  • SharpUp ==> https://github.com/GhostPack/SharpUp
  • MultiPotato ==> https://github.com/S3cur3Th1sSh1t/MultiPotato
  • PEASS ==> https://github.com/carlospolop/PEASS-ng
  • Watson ==> https://github.com/rasta-mouse/Watson
  • Bat-Potato ==> https://github.com/0x4xel/Bat-Potato

πŸ”΄ DEFENSE EVASION:

  • Villain ==> https://github.com/t3l3machus/Villain
  • EDRSandBlast ==> https://github.com/wavestone-cdt/EDRSandblast
  • SPAWN – Cobalt Strike BOF ==> https://github.com/boku7/spawn
  • NetLoader ==> https://github.com/Flangvik/NetLoader
  • KillDefenderBOF ==> https://github.com/Cerbersec/KillDefenderBOF
  • ThreatCheck ==> https://github.com/rasta-mouse/ThreatCheck
  • Freeze ==> https://github.com/optiv/Freeze
  • GadgetToJScript ==> https://github.com/med0x2e/GadgetToJScript

πŸ”΄ PERSISTENCE:

  • SharPyShell ==> https://github.com/antonioCoco/SharPyShell
  • SharpStay ==> https://github.com/0xthirteen/SharpStay
  • SharpEventPersist ==> https://github.com/improsec/SharpEventPersist

πŸ”΄ LATERAL MOVEMENT:

  • SCShell ==> https://github.com/Mr-Un1k0d3r/SCShell
  • MoveKit ==> https://github.com/0xthirteen/MoveKit
  • ImPacket ==> https://github.com/SecureAuthCorp/impacket

πŸ”΄ EXFILTRATION:

  • SharpExfiltrate ==> https://github.com/Flangvik/SharpExfiltrate
  • DNSExfiltrator ==> https://github.com/Arno0x/DNSExfiltrator
  • Egress-Assess ==> https://github.com/FortyNorthSecurity/Egress-Assess

Credit: https://www.linkedin.com/posts/ouardi-mohamed-hamdi_share-someone-needs-it-π‘πžπ-π“πžπšπ¦-activity-7308435135865970688-hZTW/

SHARE THIS STORY

WhatsAppX (Twitter)TelegramBlueskyFacebookLinkedInThreadsEmailPrint