Post-Exploitation

A-Red-Teamer-diaries

2026-03-30 ★ 1901

AI Summary: A-Red-Teamer-diaries is a collaborative repository containing publicly accessible notes and resources for penetration testing and red teaming activities, focusing on various tools and techniques employed during security assessments. Key features include a cheatsheet for quick command reference, detailed methodologies for effective exploitation, and practical scripts for network scanning and enumeration, enhancing both learning and efficiency in cybersecurity engagements. This tool serves as a practical guide for professionals aiming to improve their pentesting methodologies in controlled environments.

adbwebkit

2026-03-30 JavaScript ★ 720

AI Summary: ADB WebKit is a browser-based tool designed for managing Android devices via ADB (Android Debug Bridge) with an intuitive user interface. Its primary use case includes functionalities like application management (installing, uninstalling, granting permissions), shell access, screen capture, and device control commands, making it a comprehensive solution for developers and testers. Notable features include support for live application management, real-time screen interactions, and various device control options, all accessible through a USB connection or IP address.

Awesome-Redteam

2026-03-30 Python ★ 4102

AI Summary: Awesome-Redteam is a comprehensive knowledge base designed for red teaming and offensive security research, providing users with a curated collection of tools, scripts, and tips. It features organized sections covering various aspects such as cybersecurity cheat sheets, cryptographic methods, cyberspace search tools, and open-source intelligence resources, all intended for educational purposes. The repository emphasizes legal usage and warns against employing its content for unauthorized activities.


README

Awesome-Redteam

❗ [Disclaimer] The techniques, ideas and tools involved in this project are for learning purposes only. No one may use them for illegal purposes or for profit, nor for unauthorized penetration testing; anyone who does so bears the consequences themselves, and they have nothing to do with this project. Please read the applicable laws and regulations before using this project.

Bashark

2026-03-30 Shell ★ 747

AI Summary: Bashark 2.0 is a post-exploitation toolkit designed for penetration testers and security researchers to facilitate operations during the post-exploitation phase of security audits. It offers a simple command-line interface, where users can source the bashark.sh script to access various functions and commands, streamlining the process of managing compromised hosts. Key features include ease of use through a help menu and support for Bash scripting, making it a practical tool for enhancing post-exploitation activities.

DeimosC2

2026-03-30 Vue ★ 1156

AI Summary: DeimosC2 is a deprecated post-exploitation Command & Control (C2) tool designed to facilitate control over compromised machines across multiple operating systems including Windows, macOS, and Linux. Its notable features include dynamic agent generation, diverse communication methods (TCP, HTTPS, DoH, and QUIC), a graphical interface for managing listeners and agents, and robust security measures such as multi-user support and two-factor authentication. However, it is important to note that the tool has a known XSS vulnerability and is no longer maintained.

DllShimmer

2026-03-30 Go ★ 728

AI Summary: DllShimmer is a tool designed to facilitate DLL hijacking by allowing users to backdoor any function in a DLL without disrupting the normal operation of the host program. It generates proxy DLLs through a boilerplate C++ file and a corresponding .def file, ensuring that all exported functions maintain their original names and ordinal numbers, thus avoiding detection. Key features include support for both dynamic and static linking, the option to prevent multiple executions of the backdoor, and comprehensive debug logging capabilities.

EvilOSX

2026-03-30 Python ★ 2400

AI Summary: EvilOSX is a Remote Administration Tool (RAT) designed for macOS that enables stealthy monitoring and control of compromised systems. It boasts features such as terminal emulation, module extensibility, and the ability to retrieve sensitive user data like passwords and iCloud tokens, all while remaining undetected by antivirus solutions through encrypted payloads. Additionally, it includes functionalities for taking screenshots, recording audio, and executing local privilege escalation attempts, making it a potent tool for unauthorized system access and data exfiltration.

Forensia

2026-03-30 C++ ★ 783

AI Summary: Forensia is an anti-forensics tool designed for red teamers to eliminate traces during the post-exploitation phase. Its primary use case is to enhance evasion by supporting various functionalities such as unloading Sysmon drivers, employing the Gutmann method for file shredding, and disabling multiple logging mechanisms. Notable features include log erasure, file melting capabilities, and the ability to clear recent user activity and cache, thereby reducing the likelihood of detection by incident response teams.

fsociety

2026-03-30 Python ★ 11949

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

Ghost

2026-03-30 Python ★ 3309

AI Summary: Ghost Framework is an Android post-exploitation framework that leverages the Android Debug Bridge to enable remote access to Android devices. Its primary use case is for penetration testing and security assessments of Android applications and devices. Notable features include ease of installation via pip and a focus on facilitating comprehensive exploitation scenarios.


README

Ghost Framework

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Installation

pip3 install git+https://github.com/EntySec/Ghost

go-shellcode

2026-03-30 Go ★ 767

AI Summary: The go-shellcode tool enables users to execute shellcode directly from memory as a standalone process, aiming to circumvent antivirus detection. Its primary use case involves running custom shellcode for penetration testing or exploitation purposes, leveraging features like shellcode size handling via batch scripts and a recommendation for binary obfuscation using the garble tool. The tool requires manual architecture specification and supports 64-bit shellcode execution while providing instructions for building and compressing the resulting binary.

GTFOBins.github.io

2026-03-30 YAML ★ 12856

AI Summary: GTFOBins is a curated repository that catalogs Unix-like executables capable of circumventing local security restrictions in improperly configured systems. Its primary use case is to aid security professionals and penetration testers in identifying and exploiting misconfigurations. Notable features include a comprehensive database of binaries and detailed usage instructions for different scenarios.


README

GTFOBins

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

Heroinn

2026-03-30 Rust ★ 708

AI Summary: Heroinn is a cross-platform command-and-control (C2) and post-exploitation framework developed in Rust, designed primarily for research and educational purposes. Notable features include a graphical user interface (GUI), an interactive PTY shell, system information collection, file management with support for large files and resuming broken transfers, and compatibility with multiple operating systems including Windows, Linux, BSD, and macOS, leveraging various communication protocols such as TCP, HTTP, and reliable UDP.

ligolo-ng

2026-03-30 Go ★ 4397

AI Summary: Ligolo-ng is an advanced tunneling tool that establishes connections through a TUN interface, enabling penetration testers to create reverse TCP/TLS tunnels without the need for SOCKS proxies. Notable features include a user-friendly web interface, automatic configuration for certificates, support for multiple platforms, and resilience to network issues with automatic tunnel recovery. Its design facilitates streamlined network management and the ability to run tools directly over these tunnels.


README

Ligolo-ng : Tunneling like a VPN

mimipenguin

2026-03-30 C ★ 4090

AI Summary: MimiPenguin is a Linux tool designed to extract cleartext login passwords from the currently logged-in desktop user by dumping process memory. It utilizes a probability-based method to identify possible passwords by cross-referencing hashes from the /etc/shadow file and performing regex searches. Notably, version 2.0 features a C implementation aimed at enhancing speed and portability, while it maintains support for various desktop environments and authentication types including Gnome Keyring and LightDM.

mssqlproxy

2026-03-30 Python ★ 770

AI Summary: mssqlproxy is a lateral movement tool designed to facilitate access through a compromised Microsoft SQL Server by utilizing socket reuse. It operates with sysadmin privileges and comprises a CLR assembly, a core DLL, and a client, allowing users to install and manage proxy services for connecting to external systems. Notable features include remote DLL management, commands for file transfer, and options for configuring local listening ports, although it currently supports only IPv4 connections.

phpsploit

2026-03-30 Python ★ 2453

AI Summary: PhpSploit is a full-featured Command and Control (C2) framework that maintains a persistent presence on web servers using a polymorphic PHP one-liner. Its primary use case is for penetration testing and exploitation, enabling users to execute commands, manage files remotely, interact with a SQL console, and escalate privileges through over 20 available plugins. Notable features include obfuscated communication via HTTP headers and seamless file upload/download capabilities, facilitating robust interactions with target systems while bypassing standard PHP security measures.

PowerHub

2026-03-30 PowerShell ★ 826

AI Summary: PowerHub is a post-exploitation tool designed for PowerShell, facilitating the transfer of potentially flagged data during penetration testing engagements. Its notable features include being fileless and stateless, utilizing cert pinning and RC4 encryption for string obfuscation, allowing seamless execution of C# programs in memory, and offering multiple methods to bypass AMSI. The tool simplifies processes such as running scripts and transferring sensitive information like Kerberos tickets or passwords, either through command line or a web interface, enhancing collaboration for testing teams.

PsMapExec

2026-03-30 PowerShell ★ 1173

AI Summary: PsMapExec is a PowerShell-based post-exploitation framework designed to facilitate penetration testing within Active Directory environments. It offers enhancements over similar tools like CrackMapExec and NetExec, allowing for comprehensive Active Directory enumeration and management with a user-friendly interface. The tool is self-contained, making it suitable for use in restricted environments, and emphasizes adherence to ethical guidelines and consent when utilized for security assessments.


README

PsMapExec

redamon

2026-03-30 Python ★ 1672

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

SILENTTRINITY

2026-03-30 Boo ★ 2334

AI Summary: SILENTTRINITY is a modern, asynchronous, multiplayer command and control (C2) and post-exploitation framework designed for flexibility and stealth, utilizing Python 3 and the .NET Dynamic Language Runtime. It offers features such as real-time updates via Websockets, ECDHE encrypted communications, and a fully modular architecture allowing operators to customize their C2 channels and modules. The framework leverages embedded third-party .NET scripting languages for dynamic task evaluation, enhancing usability and providing capabilities akin to PowerShell without its direct use.

Vegile

2026-03-30 Shell ★ 752

AI Summary: Vegile is a post-exploitation tool designed for maintaining stealthy backdoor/rootkit access on Linux systems. Its primary use case involves establishing persistent access to compromised hosts while enabling features such as process hiding and unlimited Metasploit sessions. Notable functionalities include the ability to automatically restart hidden processes, ensuring persistent access even after termination, and support for various backdoor implementations, including those created with msfvenom.


README

Vegile - Ghost In The Shell

venom

2026-03-30 Shell ★ 1945

AI Summary: VENOM is a Metasploit shellcode generator and compiler that enables users to create and inject shellcode payloads in various formats such as C#, Python, Ruby, and executable formats like ELF and APK. Its primary use case lies in Red Team operations, where it assists in payload delivery through a web server and leverages automation to handle dependencies and remote connections seamlessly. Notable features include support for multiple scripting languages, integration with compilers for building executables, and functionality similar to other popular evasion tools.

Viper

2026-03-30 ★ 5008

AI Summary: VIPER is an advanced red team platform designed for adversary simulation and cybersecurity assessments, providing users with essential tools and functionalities for efficient red teaming operations. Notable features include a user-friendly interface, multi-platform support across Windows, Linux, and macOS, integration of over 100 post-exploitation modules aligned with the MITRE ATT&CK framework, and a built-in LLM agent for enhanced automation and intelligent decision-making. The platform also allows for custom module development, ensuring flexibility to meet diverse operational needs.

VMkatz

2026-03-30 Rust ★ 815

AI Summary: VMkatz is a cybersecurity tool designed to extract Windows credentials and secrets directly from virtual machine memory snapshots and disk images without the need for full exfiltration. It supports various input formats, including VMware snapshots and VirtualBox saved states, allowing efficient retrieval of sensitive data such as NTLM hashes, DPAPI master keys, and Kerberos tickets directly from the hypervisor or NAS. Notably, VMkatz operates as a single static binary, requiring minimal setup and enabling rapid credential access in red team engagements.

WADComs.github.io

2026-03-30 HTML ★ 1644

AI Summary: WADComs is an interactive cheat sheet designed for offensive security professionals, offering a curated list of tools and their commands specifically for targeting Windows and Active Directory environments. Its primary use case is to aid security experts in executing effective penetration testing by providing quick access to essential commands. Notable features include its comprehensive tool listings and command syntaxes, all consolidated in a web-based format for ease of use.