Red Team
Showing 33 of 33 projects
A curated collection of penetration testing tools, resources, and educational materials for offensive cybersecurity professionals.
A comprehensive collection of hacking tools, resources, and references for learning and practicing ethical hacking and penetration testing.
A rogue Access Point framework for conducting Wi-Fi security testing and phishing attacks during red team engagements.
A library of portable detection tests mapped to the MITRE ATT&CK framework for security testing.
A PowerShell framework for offensive security, penetration testing, and red teaming with scripts for all phases.
A post-exploitation framework with PowerShell and Python agents for security testing and red team operations.
An automated cyber security platform for adversary emulation, red teaming, and incident response built on the MITRE ATT&CK framework.
A curated collection of cheat sheets and resources for penetration testing and security assessments.
A PowerShell v2.0+ compatible command and script obfuscation framework for security testing.
A curated collection of proof-of-concept exploits for Common Vulnerabilities and Exposures (CVEs).
A curated list of free, hands-on educational resources for learning cybersecurity through practical exercises and CTF challenges.
A collection of 200 Windows EVTX event log samples mapped to MITRE ATT&CK techniques for detection testing and threat hunting.
A curated catalog of hardware gadgets for red team pentesters and security researchers, organized into eight categories.
A service that provides easy-to-remember reverse shell payloads for Unix-like systems, automatically detecting available software on the target.
A curated list of awesome guides, tools, and resources related to lockpicking, physical security, and locksport.
A security tool that enumerates AWS S3 buckets to discover and download interesting files using wordlist-based scanning.
A lightweight utility to generate malicious network traffic patterns for evaluating security controls and network visibility.
A multi-packer wrapper for daisy-chaining packers, obfuscators, and shellcode loaders to protect Red Team implants with watermarking and IOC collection.
A modular, menu-driven tool for building time-delayed, distributed security event chains for Red, Blue, and Purple Team exercises.
A malicious DNS server for executing DNS rebinding attacks dynamically via domain name requests.
A lightweight Python utility for running common security tests against GraphQL APIs, ideal for CI/CD checks.
A command-line tool for security testing and offensive operations against Jenkins CI/CD servers.
A fast scanning and attack toolkit for identifying and exploiting GitHub Actions vulnerabilities at scale.
A frontend JavaScript framework for developing DNS rebinding exploits against vulnerable LAN devices and IoT products.
A fast and flexible HTTP fuzzer for content discovery, credential bruteforcing, and security testing.
A framework for exploiting DNS rebinding vulnerabilities to bypass Same-Origin Policy and attack internal networks from browsers.
A family of extremely stealthy, code-golfed PHP webshells designed for undetectable remote command execution.
A tool and guide for cracking hashed SSH known_hosts files using hashcat to recover IP addresses.
A curated collection of CVEs, research, tools, and resources for WebSocket security testing and vulnerability research.
A security research diagram mapping attack paths to exploit GitHub Actions misconfigurations for red team engagements.
An automated multi-cloud deployment tool for red team infrastructure, built on Terraform with AI-powered orchestration.
A signature-based, multi-threaded honeypot detection tool written in Go that identifies emulated services via crafted requests.
A penetration testing tool for selectively downloading files from exposed .git repositories on web servers.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.