Redteam Tools
Introduction
Step into the world of offensive cybersecurity with our Red Team Tools resource list. This compilation is designed to equip you with the tools and techniques for penetration testing and ethical hacking. Uncover vulnerabilities like a pro!
Note Taking
- CherryTree: A hierarchical note-taking application.
- KeepNote: Notebook application to store your class notes, to-dos, and research notes.
- PenTest.ws: Online platform for managing penetration testing.
- Microsoft OneNote: Digital note-taking app.
- Joplin with TJNull (OffSec Community Manager) template: Note-taking and to-do application with synchronization capabilities.
- Obsidian Markdown: Knowledge base that works on top of a local folder of plain text Markdown files.
- Trilium: Hierarchical note-taking application with focus on building large personal knowledge bases.
Reporting Frameworks
- Dradis: Collaboration and reporting platform for IT teams.
- Serpico: Penetration testing report generation and collaboration tool.
Report Templates
- Created by whoisflynn: OSCP exam report template.
- Created by Noraj: Markdown OSCP exam report template.
Reconnaissance
- Passive Reconnaissance Tools: Comprehensive guide to tools for gathering information without direct interaction.
Enumeration
- AutoRecon: Multi-threaded network reconnaissance tool.
- nmapAutomator: Tool to automate nmap scans.
- Reconbot: Enumeration and vulnerability scanner.
- Raccoon: Reconnaissance and vulnerability scanning tool.
- RustScan: Fast port scanner.
- BashScan: Bash script to wrap nmap.
- nmap: Network exploration tool and security scanner.
- ncat: Networking utility for reading, writing, redirecting data across a network.
- ndiff: Compares results of nmap scans.
- parsero: Analyzes the robots.txt files of websites.
- theharvester: Tool for gathering e-mail accounts, subdomains, virtual hosts, open ports, and banners from different public sources.
Web Related
- Dirsearch: Web path scanner.
- GoBuster: Directory/file & DNS busting tool.
- Recursive GoBuster: Script to automate recursive runs of gobuster.
- wfuzz: Web application fuzzer.
- goWAPT: Go Web Application Penetration Test.
- ffuf: Fast web fuzzer.
- Nikto: Web server scanner.
- dirb: Web content scanner.
- dirbuster: GUI based web directory scanner.
- feroxbuster: Recursive content discovery tool.
- FinalRecon: Web recon tool.
- gobuster: Directory/file & DNS busting tool.
- burpsuite: Web vulnerability scanner.
Network Analysis
- wireshark: Network protocol analyzer.
- tshark: Network protocol analyzer (command line).
- ettercap: Comprehensive suite for man-in-the-middle attacks.
- tcpdump: Packet analyzer.
- responder: LLMNR, NBT-NS, and MDNS poisoner.
- hping3: Network tool able to send custom TCP/IP packets.
- armitage: Graphical cyber attack management tool.
- netdiscover: Active/passive address scanner.
- dnsrecon: DNS enumeration script.
- yersinia: Network tool designed to take advantage of some weaknesses in different network protocols.
- nbtscan: Tool to gather NetBIOS info from Windows networks.
- scapy: Packet manipulation tool.
File Analysis and Forensics
- binwalk: Firmware analysis tool.
- autopsy: Digital forensics platform.
- testdisk: Data recovery software.
- foremost: Forensic program to recover lost files.
- capstone: Disassembly framework.
- xplico: Network forensic analysis tool.
File Transfers
- updog: File serving and sharing platform.
Wordlists / Dictionaries
- SecLists: Collection of multiple types of lists used during security assessments.
Payload Generators
- Reverse Shell Generator: Tool to quickly generate reverse shells.
- Windows Reverse Shell Generator: Generates reverse shells for Windows.
- MSFVenom Payload Creator: Wrapper to generate multiple types of payloads.
Terminal and Shell Utilities
- tmux: Terminal multiplexer.
- tmux-logging: Tmux logging plugin.
- Oh My Tmux: Tmux configuration.
- screen: Full-screen window manager.
- Terminator: Terminal emulator.
- vim-windir: Vim plugin to change directories.
- powershell: Task automation and configuration management framework.
Exploits and Vulnerability Analysis
- Exploit-DB: Database of exploits.
- Windows Kernel Exploits: Collection of Windows kernel exploits.
- AutoNSE: Automated script to run nmap and enum.
- Linux Kernel Exploits: Collection of Linux kernel exploits.
Password Attacks
- BruteX: Automatically brute force all services running on a target.
- Hashcat: Password cracker.
- John the Ripper: Password cracker.
Post-Exploitation / Privilege Escalation
- LinEnum: Script for Linux enumeration.
- linprivchecker: Linux privilege escalation checker.
- Powerless: Windows privilege escalation helper script.
- PowerUp: PowerShell tool to assist with privilege escalation on Windows.
- Linux Exploit Suggester: Script to suggest exploits for Linux.
- Windows Exploit Suggester: Script to suggest exploits for Windows.
- Windows Privilege Escalation Awesome Scripts (WinPEAS): Windows enumeration script.
- Linux Privilege Escalation Awesome Script (LinPEAS): Linux enumeration script.
- GTFOBins (Bypass local restrictions): List of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
- Get GTFOBins: Script to fetch binaries from GTFOBins.
- sudo_killer: Script to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo.
- WADComs: Collection of commands that might be useful in an assessment, with a focus on one-liners.
- LOLBAS: Living Off The Land Binaries and Scripts (and also Libraries).
- mimikatz: Utility to extract plaintext passwords, hashes, and PIN codes from memory.
Contribute to the Red Team Tools List!
If you're aware of any other red team tools or have feedback on the current list, we'd love to hear from you. Please share your suggestions below or directly contribute by editing the Wiki!
How to Contribute?
Check out our full resource masterlist