Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Redteam Open-Source Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
-
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
-
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
-
awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
-
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
-
the_cyber_plumbers_handbook
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
-
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
Project mention: Checking all accounts associated with my email address? | /r/PrivacySecurityOSINT | 2023-11-12In the interest of cleaning my digital life a bit I really want to delete all of my old accounts that I no longer use. The terminal application "Sherlock" on github can search for instances of a username you input and find associated websites. Sherlock
Project mention: bettercap VS petep - a user suggested alternative | libhunt.com/r/bettercap | 2023-10-03
I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.
Project mention: Search for sensitive data using theHarvester and h8mail tools | dev.to | 2023-12-01
I have an idea for a simar style website that i would like to create, and i was going to use GTFOBins as a template and ammend to fit my data, much like LOLBAS has.
Project mention: Osint update of the Snoop Project tool search for user by nickname | news.ycombinator.com | 2024-01-02
Wrote a tool two years ago that does some of the PDF-tests. But more could be added: https://github.com/jonaslejon/malicious-pdf
Project mention: BypassAV: This map lists the essential techniques to bypass anti-virus and EDR | /r/blueteamsec | 2023-06-18
Redteam related posts
- Modern automated data miner (scrapper)
- Haven't been using kali in a long time and wanted to know why Ngrok is not working on Blackeye? blackeye itself doesn't exist anymore lol
- Search for sensitive data using theHarvester and h8mail tools
- Exiflooter has released on Black Arch Linux
- New webcrawler for bug-hunters and data-miners
- Living Off the Land Binaries
- PaulNorman01/Forensia
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source Redteam projects? This list will help you:
Project | Stars | |
---|---|---|
1 | PayloadsAllTheThings | 56,681 |
2 | sherlock | 51,283 |
3 | bettercap | 15,681 |
4 | dirsearch | 11,213 |
5 | theHarvester | 10,319 |
6 | nishang | 8,324 |
7 | awesome-hacker-search-engines | 6,664 |
8 | LOLBAS | 6,581 |
9 | Awesome-Red-Teaming | 6,501 |
10 | RedTeam-Tools | 5,144 |
11 | kubernetes-goat | 3,862 |
12 | RedTeaming-Tactics-and-Techniques | 3,816 |
13 | Awesome-CobaltStrike | 3,805 |
14 | Villain | 3,563 |
15 | Viper | 3,475 |
16 | WinPwn | 3,177 |
17 | awesome-mobile-security | 2,808 |
18 | snoop | 2,683 |
19 | malicious-pdf | 2,585 |
20 | the_cyber_plumbers_handbook | 2,503 |
21 | Stowaway | 2,415 |
22 | Penetration-Testing-Tools | 2,413 |
23 | BypassAV | 2,203 |
Sponsored