AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

AI Summary: The r2book is a collaboratively maintained documentation resource for the Radare2 reverse engineering framework, serving as an updated version of the original radare1 book. Its primary use case is to provide users with comprehensive information and guidance on utilizing Radare2 effectively, while notable features include community contributions for continuous content improvement and online accessibility.

README

r2book

This book is an updated version maintained by the community of the original radare1 book written by pancake.

AI Summary: RamiGPT is an AI-driven offensive security tool that facilitates privilege escalation to root accounts using OpenAI’s technology and PwnTools. Its primary use case involves quickly exploiting vulnerabilities across various systems, achieving root access in under a minute, as demonstrated by its performance on multiple VulnHub scenarios. The tool features a user-friendly GUI and seamless integration with Docker for easy deployment and configuration, leveraging tools like BeRoot and LinPEAS for effective enumeration.

AI Summary: Randar is a Minecraft exploit targeting versions Beta 1.8 to 1.12.2 that uses LLL lattice reduction to manipulate the game’s random number generator, java.util.Random, allowing attackers to derive the precise coordinates of other players’ locations based on item drop positions from mined blocks. The exploit hinges on a vulnerability in the game’s code, where improper reuse of RNG instances can be exploited to track players across vast distances, making it particularly significant on anarchic servers like 2b2t, where player anonymity and location security are critical. Notable features include the ability to reverse-engineer the RNG state to pinpoint player coordinates efficiently and the reliance on advanced mathematical techniques to achieve this.

AI Summary: The Ransomware collection repository provides a suite of ransomware scripts designed for educational and testing purposes. Users are cautioned against executing these scripts on their devices due to their malicious nature. Key features include compatibility with multiple operating systems such as Termux, Kali Linux, Ubuntu, and others, thereby making it a versatile tool for research and development in cybersecurity contexts.

README

☣️ Ransomwares Collection ☣️

- Don't Run Them on Your Device.
- Handle with caution 

💿 Installation 💿

git clone https://github.com/Err0r-ICA/Ransomware
cd Ransomware
python3 Ransomware

AI Summary: The Ransomware Tool Matrix repository provides an extensive catalog of tools utilized by various ransomware gangs, enabling cybersecurity defenders to identify and mitigate threats effectively. This resource can be leveraged for threat hunting, incident response, and adversary emulation by tracking the tools’ usage patterns and associated tactics, techniques, and procedures (TTPs). Notable features include categorized lists of tools—including those for credential theft, defense evasion, and networking—as well as links to relevant threat intelligence reports and resources.

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

AI Summary: Raven is a developer security tool designed to enhance the security of software projects by providing capabilities for managing and monitoring secrets, vulnerabilities, and compliance across development environments. Its primary use case is to integrate seamlessly into CI/CD pipelines, ensuring that code remains secure throughout the software development lifecycle. Notable features include real-time detection of security risks, a user-friendly interface, and integration with various popular development tools and platforms.

AI Summary: readpe is a comprehensive command line toolkit designed for the analysis and manipulation of PE (Portable Executable) binaries across multiple platforms. Its primary use case involves providing developers and security analysts with tools to inspect, modify, and understand the structure of PE files. Notable features include easy installation and building on various operating systems, as well as its background as a successor to the original pev tool, with enhanced functionality integrated into a single repository.

AI Summary: ReC98 is a reverse-engineering project that aims to reconstruct the source code of the first five Touhou Project games originally released for the NEC PC-9801 system. It allows for perfect replications of the original binaries, thus maintaining the integrity of the source while enabling modding and porting efforts by providing a comprehensible codebase. Notable features include the preservation of the original game’s mechanics, position independence, and support for community modifications.

AI Summary: Recaf is a modern Java bytecode editor designed to simplify the editing and manipulation of Java and Android bytecode by abstracting complex details. Key features include a user-friendly interface, support for multiple decompilers, built-in bytecode compiling and assembling, advanced search capabilities, and tools for code deobfuscation. Additionally, it allows users to script and extend functionality through plugins, and can operate as a command line application for automated processes.

AI Summary: Reconmap is an open-source penetration testing management and automation platform that aids security professionals throughout the engagement lifecycle by efficiently planning, executing, and reporting on security assessments. Its notable features include real-time execution and scheduling of security commands, automated output capture, vulnerability tracking, and the generation of professional reports in multiple formats, all aimed at streamlining workflows and enhancing collaboration among InfoSec teams.

README

AI Summary: Reconnoitre is a reconnaissance tool designed for automating information gathering and service enumeration tailored for OSCP labs. Its primary use case involves creating a structured directory for storing results, findings, and recommended commands for each target host while offering features like DNS and SNMP sweeps, service scanning, and virtual host discovery using customizable wordlists. The tool emphasizes ease of use and flexibility, allowing users to execute tailored reconnaissance operations efficiently.

AI Summary: ReconPi is a lightweight reconnaissance tool designed for extensive domain analysis and asset discovery using a Raspberry Pi or a VPS. Its primary functionality includes resolving domain names, subdomain enumeration, vulnerability scanning using Nmap, and integrating tools like Nuclei for template-based security assessments. Notable features include automated reporting, Slack notifications, and easy installation through a straightforward script, making it accessible for cyber reconnaissance tasks.

README

Recon Pi

__________                          __________.__ 
\______   \ ____   ____  ____   ____\______   \__|
 |       _// __ \_/ ___\/  _ \ /    \|     ___/  |
 |    |   \  ___/\  \__(  <_> )   |  \    |   |  |
 |____|_  /\___  >\___  >____/|___|  /____|   |__|
        \/     \/     \/           \/             
                            
			v2.2 - @x1m_martijn 

ReconPi - A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

AI Summary: RecoverPy is a data recovery tool that scans raw disk partitions to recover deleted files by directly inspecting disk blocks and searching for specific byte patterns. Designed primarily for forensic data recovery, it allows users to navigate adjacent blocks to retrieve fragmented data while ensuring that the entire scanning process is memory-efficient and focused solely on raw data, without attempting any filesystem interpretations. Notably, it facilitates efficient block inspection and content extraction, though success depends on the integrity of the underlying disk blocks.

AI Summary: Red Baron is a Terraform-based framework designed to automate the deployment of secure, resilient, and disposable infrastructure tailored for Red Team operations. This tool offers several pre-compiled custom and third-party Terraform providers to facilitate infrastructure setup on various cloud platforms. Notably, it integrates easily with services like Linode and GoDaddy, enhancing the agility and efficiency of infrastructure management for penetration testing scenarios.

README

Latest version of this project is now being maintained here:

AI Summary: The Red Team Infrastructure Wiki provides comprehensive guidance for establishing a robust and resilient Red Team infrastructure, aimed at enhancing operational effectiveness in adversarial engagements. Notable features include detailed design considerations for functional segregation, integration of redirectors for obscured communication, and streamlined deployment strategies for phishing and command and control (C2) operations. This resource is particularly valuable for enhancing agility against defensive measures during long-term engagements and during active incident responses.

AI Summary: The Red Teaming Toolkit is an open-source collection of security tools designed to facilitate adversary simulation and enhance threat hunting capabilities. It features various tools organized by categories including reconnaissance, initial access, and lateral movement, providing functionalities such as port scanning, OSINT gathering, and credential dumping. The toolkit serves both security practitioners aiming to test network defenses and those looking to improve detection and prevention mechanisms against potential threats.

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

AI Summary: REDasm is a cross-platform disassembler designed for both hobbyists and professional reverse engineers, featuring a modern codebase and a user-friendly Qt frontend. It supports C++ and Python 3 plugins, multithreaded analysis, and various binary formats including Portable Executable and ELF, while providing capabilities like binary lifting and intermediate language analysis. The underlying architecture, driven by LibREDasm, allows for extensive customization and the addition of new languages.

README

Features | Compile | Reddit | Twitter | Telegram

Tested on Windows and Linux.

AI Summary: REDRIVER2 is a reverse-engineered reimplementation of the original game, translating MIPS code back to C without emulation, and significantly enhancing it beyond the original PlayStation version. The tool supports modding with replacement of textures and models, runs on multiple platforms including Windows and Linux, and integrates a custom porting layer based on the Psy-X emulator. It utilizes advanced reverse engineering methods, including debugging symbols and semi-automatic decompilation techniques to achieve a fully playable game experience.

AI Summary: RedSnarf is a penetration testing and red team tool designed for the extraction of hashes and credentials from Windows environments, including workstations, servers, and domain controllers, utilizing operationally safe techniques. Key features include the retrieval of local SAM hashes, enumeration of users with elevated privileges, and capabilities for hash spraying, LSASS dumps, and remote management functions like enabling/disabling RDP and clearing event logs. The tool focuses on efficient credential collection and strengthening post-exploitation analysis while maintaining a low profile during operations.

AI Summary: RedTeam-Tools is a comprehensive repository containing over 150 tools and resources specifically designed for red teaming activities, encompassing both targeted tools and general-purpose utilities adaptable for offensive operations. Notable features include a variety of specialized tips for advanced red team techniques, as well as tools for reconnaissance, exploitation, and post-exploitation, catering to a wide range of attack vectors and methodologies. This collection serves as both a practical toolkit and an educational resource for those engaged in offensive cybersecurity practices.

AI Summary: This repository contains personal notes focused on red teaming and offensive security, emphasizing practical experiments with various penetration testing techniques and tools in a controlled lab environment. It covers a range of methodologies, including code execution, defense evasion, and lateral movement, while aiming to enhance understanding of cyber attacks and malware development. Notable features include a commitment to referencing other researchers’ work and a critical approach to self-learning through experimentation and documentation.

AI Summary: The “reentrancy-attacks” repository provides a comprehensive historical collection of reentrancy attack incidents on smart contracts. It categorizes various types of attacks, including single-function and cross-chain reentrancy, and includes detailed timelines, victim contracts, and exploit transactions for notable cases. This tool serves as a reference for understanding and analyzing reentrancy vulnerabilities in blockchain applications.

README

⚔️ A Historical Collection of Reentrancy Attacks

📌 Definition of a Reentrancy Attack