Tools and Techniques for Red Team / Penetration Testing

🐢 Open-Source Evaluation & Testing library for LLM Agents

Adversary simulation and Red teaming platform with AI

The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.

Sandman is a NTP based backdoor for hardened networks.

Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments

Nimbo-C2 is yet another (simple and lightweight) C2 framework

Venom is a library that meant to perform evasive communication using stolen browser socket

Compiled tools for internal assessments

Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#, C++, Crystal and Python

DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

Generic PE loader for fast prototyping evasion techniques

Repo containing cracked red teaming tools.

Framework for testing vulnerabilities of large language models (LLM).

A comprehensive modern architecture model is proposed to integrate platform solutions and tooling to support a professional Red Team.

smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

Spoofing desktop login applications with WinForms and WPF

Self-hosted passive subdomain continous monitoring tool.

AI-Driven Automated Red Team Orchestration Framework | AI驱动的自动化红队编排框架 | 101 MCP Tools | 2000+ Payloads | Full ATT&CK Coverage | MCTS Attack Planner | Knowledge Graph | Cross-platform