Search Results for "red team"
Sort By:
Showing 37 open source projects for "red team"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Securden Windows Privilege ManagerRemove local administrator rights on Windows servers and endpoints. Seamlessly elevate applications for standard users. Grant time-limited rights on-demand. Control application usage by remote employees through whitelisting and blacklisting.
-
1
Counter-Strike: Football
Multiplayer FPS game - Counter-Strike: Football
Competitive multiplayer FPS game where two football fan teams fight with the goal of winning more rounds than the opponent team. Teams are Attackers and Defenders. The Defenders team has a goal of protecting their fan base sanctuary every round from desecrating by attackers using their graffiti bomb ball. -
2
XRAY
XRay for recon, mapping and OSINT gathering from public networks
...It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. ... -
3
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. -
4
Internal All The Things
Active Directory and Internal Pentest Cheatsheets
Internal All The Things is a large, community-driven cheat-sheet and documentation repository focused on internal network penetration testing and Active Directory (AD) exploitation. It covers a broad range of topics; AD certificate services, Kerberos attacks, lateral movement, tooling, post-exploitation techniques, and networking. The content is designed to help both learners and experienced red-teamers fill gaps in their internal pentest knowledge, especially for environments where AD and... -
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
5
theHarvester
E-mails, subdomains and names
theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources. -
6
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
7
Sliver
Adversary Emulation Framework
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys. The server and client support MacOS, Windows, and Linux. Implants are supported on MacOS, Windows, and Linux (and possibly every Golang compiler target but we've not tested them all). -
8
Ignite
Infinite Red's cutting edge React Native project boilerplate
The culmination of five years of constant React Native development, Ignite is the most popular React Native app boilerplate for both Expo and bare React Native. This is the React Native boilerplate that the Infinite Red team uses on a day-to-day basis to build client apps. Developers who use Ignite report that it saves them two to four weeks of time on average off the beginning of their React Native project! Ignite apps include rock-solid technical decisions out of the box, like React Native, React Navigation 5, MobX-State-Tree (Why not Redux?), MobX-React-Lite, TypeScript, AsyncStorage (integrated with MST for restoring state), apisauce (to talk to REST servers), Flipper-ready, Reactotron-ready (and pre-integrated with MST), supports Expo out of the box, and more! ... -
9
Pacu
The AWS exploitation framework, designed for testing security
...Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation. -
Get safely back to businessEquip your team with a simple safety inspection and observation app that anyone can learn in minutes, so you can get safely back to business from wherever you are.
-
10
PoshC2
C2 framework used to aid red teamers with post-exploitation
PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in... -
11
HexStrike AI MCP Agents
HexStrike AI MCP Agents is an advanced MCP server
...It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. Documentation highlights the breadth of supported utilities and positions HexStrike as a research and red-team aid, not a point-and-click exploit kit. A public site and active repository activity signal an expanding community around autonomous security research agents. -
12
DeepEval is a simple-to-use, open-source LLM evaluation framework, for evaluating and testing large-language model systems. It is similar to Pytest but specialized for unit testing LLM outputs. DeepEval incorporates the latest research to evaluate LLM outputs based on metrics such as G-Eval, hallucination, answer relevancy, RAGAS, etc., which uses LLMs and various other NLP models that run locally on your machine for evaluation. Whether your application is implemented via RAG or fine-tuning,...
-
13
JakiKaliOS
JakiKaliOS V.0.01 is a LiveRAM Debian distribution based on Kali Linux
JakiKaliOS is a LiveRAM Linux distribution based on Kali Linux, designed for cybersecurity professionals, ethical hackers, forensic analysts, and laboratory environments. The system runs entirely in RAM by default, leaving no disk footprint and providing fast, clean, and temporary work sessions ideal for security testing and controlled operations. JakiKaliOS includes a lightweight XFCE desktop optimized for performance and low resource usage, suitable for virtual machines, VPS consoles,...">
-
14
MentoLiga
Football/Soccer Leagues Manager
Manages the Football/Soccer! Creates, Manages any type of leagues. Manage multiple leagues. Tracking the league round to round. Results, standings, scorers, assists, disciplinary, substitutions, minutes played, recoveries, injuries, own goals, results table, play off and betting. Easy Data Entry System. (Automatic and Multi-Selection) League statistics. Disciplinary statistics. Statistics x Match. Automatic or manual fixtures. Search Engine. Filters GK - DEF - MID -... -
15
Tria Sistema Operatiu
Helps you find, download & burn the best Operating System for any PC
Tria O.S. detects hard & soft specs of the PC where you run it, you can load this info or specify it manually to let the program inform you what would be the best operating system for a specific PC, with the specified hardware, and then see the difference by adding RAM, a SSD hard drive, changing the graphics card ... etc. REQUIREMENTS: For Linux, you need GAMBAS 3.3 or later, so you will have to install the gambas3 package before installing. 90's EDITION needs 160 MB (192 MB on... -
16
HackTools
The all-in-one Red Team extension for Web Pentesters
The all-in-one Red Team browser extension for Web Pentesters. HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools are accessible in one click. -
17
Offensive Reverse Shell
Collection of reverse shells for red team operations
The Offensive Reverse Shell Cheat Sheet is a compilation of reverse shell payloads useful for red team operations and penetration testing. It provides ready-to-use code snippets in various programming languages, facilitating the establishment of reverse shells during security assessments. -
18
RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming
RedELK is a tracking and monitoring tool for Red Teams, providing insights into engagements and supporting real-time situational awareness for offensive operations. -
19
Alan Framework
A C2 post-exploitation framework
Alan Framework is a post-exploitation framework useful during red-team activities. You can run your preferred tool directly in-memory. JavaScript script execution (in-memory without third party dependency) Fully compliant SOCKS5 proxy. Supported agent types: Powershell (x86/x64), DLL (x86/x64), Executable (x86/x64), Shellcode (x86/x64). Server.exe can be executed in Linux (via dotnet core) The network communication is fully encrypted with a session key not recoverable from the agent binary or from a traffic dump. ... -
20
0xsp Mongoose RED for Windows
Framework for cybersecurity simulation and red teaming operations
0xsp mongoose red version is provided to assist your needs during cyber security simulation, by using this version you will be able to audit a targeted Windows operation system for system vulnerabilities, misconfiguration, and privilege escalation attacks and replicate the tactics and techniques of an advanced adversary in a network. With node js support for web application API, it becomes much easier for installation and customization in a timely manner, the windows sensor agent will... -
21
enum4linux
enum4Linux is a Linux alternative to enum.exe for enumerating data
...The script includes options to test multiple authentication modes, try name lookups, and probe RPC endpoints to widen the information surface. Because it runs on Linux and macOS, it slots naturally into automated recon workflows and red-team pipelines. Used responsibly, it’s an effective way to uncover misconfigurations and weak access controls before adversaries do. -
22
WinPwn
Automation for internal Windows Penetrationtest / AD-Security
...It streamlines many manual steps by integrating reconnaissance modules like Seatbelt, Inveigh, Rubeus, and PrivescCheck. With proxy auto‑detection, endpoint enumeration, and exploitation routines, it's widely used in red team and blue team tool chains. -
23
Taie-RedTeam-OS
泰阿安全实验室-红队单兵作战系统-Taie-RedTeam-OS
中文简介: 面向中国信息安全白帽子人员的红方渗透作战操作系统,内容工具更适用于中国的环境,避免大而全精简不常用的工具软件,集成国内优秀的开源渗透工具帮助红方人员更好的实施工作! Introducte: For Chinese information security white hat personnel red team infiltration combat operating system, the content and tools are more suitable for the Chinese environment, simplify not commonly used tool software, integration of domestic excellent open source infiltration tools to help red staff better implementation! -
24
Invoke-PSImage
Encodes a PowerShell script in the pixels of a PNG file
Invoke-PSImage is a PowerShell utility that hides, extracts, and optionally executes PowerShell payloads inside image files using simple steganography techniques. It can embed a script or binary blob into an image (commonly PNG or JPEG) and later recover that payload without leaving a separate file on disk, enabling in-memory execution workflows. The tool offers options for compression and encryption so the embedded content is both smaller and protected by a passphrase when required. It... -
25
bbplot
R package that helps create and export ggplot2 charts
bbplot is an R package developed by the BBC visual journalism team aimed at helping data journalists and analysts produce chart styles consistent with BBC aesthetics. It provides functions and themes that make it easier to adopt BBC’s visual style (fonts, colors, annotations, layout) in ggplot2 plots. The package includes helper functions for axis labels, captions, legends, branding (e.g. BBC red lines or accents), and common chart types styled for editorial presentation. ...