SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Python Redteam Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Project mention: List of Useful Payloads and Bypass for Web Application Security and Pentest/CTF | news.ycombinator.com | 2025-03-14 -
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
Project mention: Sherlock: Hunt down social media accounts by username across 400 social networks | news.ycombinator.com | 2024-12-25
the only data needed are the urls from https://github.com/sherlock-project/sherlock/blob/master/she...
[1] https://www.reddit.com/r/github/comments/1at9br4/i_am_new_to...
-
-
-
Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
-
-
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
-
Stream
Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.
-
-
Lockdoor-Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
-
-
-
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
-
SlackPirate
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
-
-
Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
-
-
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
-
-
Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. (by v4d1)
-
-
LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
-
GoodHound
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python Redteam discussion
Python Redteam related posts
-
Search for sensitive data using theHarvester and h8mail tools
-
Docx, doc macro rev shell generator?
-
hey guys which would be easier to make, a malicious docx or pdf?
-
HavocNotion: A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel.
-
University final year project
-
MacroPack - will simplify antimalware solutions bypass and automatize the process from vb source to final Office document or other maldoc payload type. This tool can be used for red teaming, pentests, demos, and social engineering assessments.
-
I want to write a program that sends a single query to 5 different search engines, and returns a list of the headers of the first 1000 results
-
A note from our sponsor - SaaSHub
www.saashub.com | 19 Jul 2025
Index
What are some of the best open-source Redteam projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | PayloadsAllTheThings | 68,287 |
2 | sherlock | 66,956 |
3 | dirsearch | 13,106 |
4 | theHarvester | 13,028 |
5 | Villain | 4,160 |
6 | snoop | 3,398 |
7 | malicious-pdf | 3,077 |
8 | 100-redteam-projects | 2,583 |
9 | Lockdoor-Framework | 1,469 |
10 | PlumHound | 1,217 |
11 | VcenterKit | 1,148 |
12 | sam-the-admin | 1,024 |
13 | SlackPirate | 773 |
14 | Octopus | 753 |
15 | Spoofy | 707 |
16 | overlord | 622 |
17 | GTFONow | 620 |
18 | emploleaks | 616 |
19 | Dome | 533 |
20 | fileless-elf-exec | 492 |
21 | LOOBins | 472 |
22 | GoodHound | 468 |
23 | PivotSuite | 446 |