Red Team

Applications that add capability to Red Teams

Tool	Description	Source
BlackMamba	BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.	https://github.com/loseys/BlackMamba
Chisel	Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server.	https://github.com/jpillora/chisel
disctopia-c2	Disctopia is an open source Python Discord Bot that works as a backdoor that you can control from a Discord server. It uses the Discord API to communicate between the agent and the Discord server.	https://github.com/3ct0s/disctopia-c2
dns2cat	This tool is designed to create an encrypted command-and-control (C&C) channel over the DNS protocol	https://github.com/iagox86/dnscat2
Empire	Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.	https://github.com/BC-SECURITY/Empire
Gophish	Gophish is an open-source phishing toolkit designed for businesses and penetration testers	https://github.com/gophish/gophish
Invoke-EDRChecker	The script will check running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.	https://github.com/PwnDexter/Invoke-EDRChecker
King Phisher	King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks	https://github.com/rsmusllp/king-phisher
NIPE	An engine to make Tor Network your default gateway.	https://github.com/htrgouvea/nipe
Priv2Admin	The idea is to "translate" Windows OS privileges to a path leading to: administrator, integrity and/or confidentiality threat, availability threat, just a mess.	https://github.com/gtworek/Priv2Admin
pwndrop	pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV.	https://github.com/kgretzky/pwndrop
SharpEDRChecker	New and improved C# Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools. Catches hidden EDRs as well via its metadata checks, more info can be found in my blog post here.	https://github.com/PwnDexter/SharpEDRChecker
Vulnerable-AD	Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab	https://github.com/WazeHell/vulnerable-AD