redteam

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🔎 Hunt down social media accounts by username across social networks

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Web path scanner

E-mails, subdomains and names Harvester - OSINT

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

List of Awesome Red Teaming Resources

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Cyber Security ALL-IN-ONE Platform

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

CobaltStrike的相关资源汇总 / List of Awesome CobaltStrike Resources

Red Teaming Tactics and Techniques

Tools and Techniques for Red Team / Penetration Testing

Redteam operation platform with webui 图形化红队行动辅助平台

Automation for internal Windows Penetrationtest / AD-Security

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.