Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Redteam Open-Source Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
-
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
-
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
-
awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
-
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
-
the_cyber_plumbers_handbook
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
-
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
Project mention: Checking all accounts associated with my email address? | /r/PrivacySecurityOSINT | 2023-11-12In the interest of cleaning my digital life a bit I really want to delete all of my old accounts that I no longer use. The terminal application "Sherlock" on github can search for instances of a username you input and find associated websites. Sherlock
Project mention: bettercap VS petep - a user suggested alternative | libhunt.com/r/bettercap | 2023-10-03
I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.
Project mention: Search for sensitive data using theHarvester and h8mail tools | dev.to | 2023-12-01
I have an idea for a simar style website that i would like to create, and i was going to use GTFOBins as a template and ammend to fit my data, much like LOLBAS has.
Project mention: Osint update of the Snoop Project tool search for user by nickname | news.ycombinator.com | 2024-01-02
Wrote a tool two years ago that does some of the PDF-tests. But more could be added: https://github.com/jonaslejon/malicious-pdf
Project mention: BypassAV: This map lists the essential techniques to bypass anti-virus and EDR | /r/blueteamsec | 2023-06-18
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Redteam related posts
- Modern automated data miner (scrapper)
- Haven't been using kali in a long time and wanted to know why Ngrok is not working on Blackeye? blackeye itself doesn't exist anymore lol
- Search for sensitive data using theHarvester and h8mail tools
- Exiflooter has released on Black Arch Linux
- New webcrawler for bug-hunters and data-miners
- Living Off the Land Binaries
- PaulNorman01/Forensia
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source Redteam projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | PayloadsAllTheThings | 56,681 |
| 2 | sherlock | 51,283 |
| 3 | bettercap | 15,681 |
| 4 | dirsearch | 11,213 |
| 5 | theHarvester | 10,319 |
| 6 | nishang | 8,324 |
| 7 | awesome-hacker-search-engines | 6,664 |
| 8 | LOLBAS | 6,581 |
| 9 | Awesome-Red-Teaming | 6,501 |
| 10 | RedTeam-Tools | 5,144 |
| 11 | kubernetes-goat | 3,862 |
| 12 | RedTeaming-Tactics-and-Techniques | 3,816 |
| 13 | Awesome-CobaltStrike | 3,805 |
| 14 | Villain | 3,563 |
| 15 | Viper | 3,475 |
| 16 | WinPwn | 3,177 |
| 17 | awesome-mobile-security | 2,808 |
| 18 | snoop | 2,683 |
| 19 | malicious-pdf | 2,585 |
| 20 | the_cyber_plumbers_handbook | 2,503 |
| 21 | Stowaway | 2,415 |
| 22 | Penetration-Testing-Tools | 2,413 |
| 23 | BypassAV | 2,203 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com