Red Team Security Tools

Small and highly portable detection tests based on MITRE's ATT&CK.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

A post exploitation framework designed to operate covertly on heavily monitored environments

Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.

smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares

The Havoc Framework

Adversary Emulation Framework

Generic PE loader for fast prototyping evasion techniques

Nimbo-C2 is yet another (simple and lightweight) C2 framework

Sandman is a NTP based backdoor for red team engagements in hardened networks.

A tool to monitor for potential spear phishing domains and send to Slack.

ShellBringer is a Python script designed for penetration testers. It facilitates the creation and management of reverse shell payloads, automating listener setup across multiple platforms.

Execute commands interactively on remote Windows machines using the WinRM protocol

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Linux enumeration tool for pentesting and CTFs with verbosity levels

An MCP server implementation

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.