Red Team Tools Collection

This is a collection of red teaming tools that will help in red team engagements. The list is not complete, so i will keep updating it!

Reconnaissance

These tools are used to gather information passively or actively.

Tools Name	Descriptions
Nmap	Port/Service/Vulnerability Scanner
DnsRecon, Amass	DNS Enumeration Tool
Nikto	Website Misconfiguration Finder
Burp Suite Pro	Web Analyzing Semi-auto Tool
theHarvester	Find sub-domain, email address and employee info
Metgoofil	Extract pdf,doc,xls, etc
SpiderFoot	Open-source Information Gathering framework
Recon-ng	Open-source Information Gathering framework

Weaponization & Initial Foothold

Cracking Password

Password attacking tools for initial footholds

Tools Name	Descriptions
CUPP	Common User Passwords Profiler
CeWL	Custom Word List generator
Ruler	Exchange Server Password Spraying
Hydra	Password Brute Forcer can be used for Password Spraying too
Hashcat	Offline hash cracking tool

Payload Development

Useful tools to develop payloads!

Tools Name	Descriptions
Unicorn	Payload Creation Tools for Microsoft Office
Office-DDE-Payloads	Collection of scripts and templates to generate Word and Excel documents embedded with the DDE, macro-less command execution technique
The Social-Engineer Toolkit	Open-source social engineering framework
DotNetToJScript	Convert .Net App to Javascript
Meta Twin	File resource cloner
SharpShooter	Payload creation framework
Invoke-Obfuscation	Powershell script Obfuscation tool.
EmbedInHTML	Hide file in HTML
macro_pack	Payload Creation tool(Pro for advanced feature like AV evasion)
BeEF	Browser Exploitation Framework(XSS)
ScareCrow	ScareCrow is a payload creation framework
IVY	Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code in memory.
charlotte	c++ fully undetected shellcode launcher
Offensive-VBA	VBA script collection

Payload Delivery

Some tools to deliver your payloads.

Tools Name	Descriptions
Gophish	Open-sources phishing Toolkit
King-Phisher	Phishing Toolkit
FiercePhish	FiercePhish is a full-fledged phishing framework to manage all phishing engagements.

Command & Control

The C2 framework, where you receive your reverse connection.

Tools Name	Descriptions
Poshc2	Proxy aware C2 Framework
Empire	Empire 4 is a post-exploitation framework that includes a pure-PowerShell Windows agents, Python 3.x Linux/OS X agents, and C# agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects.
Merlin	Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go.
MSF	Open-source Pentesting framework can be used as C2
Cobalt Strike	Popular paid command and control software

AD & Lateral Movement

Helpful tools to move one computer to another.

Tools Name	Descriptions
PowerView	Active Directory Recon Tool
PowerUpSQL	SQL Server Attacking tool
Sharphound,Bloodhound	Active Directory Recon Tool
Responder	LLMNR, NBT-NS and MDNS poisoner
Impacket	Collection of python scripts
Mimikatz	Password Dumping and Lateral Movement tool
CrackMapExec	This is a post-exploitation tool that helps automate assessing the security of large Active Directory networks.
MoveKit	Cobalt Strike kit for Lateral Movement

Escalation

If you need to escalate the privilege, these tools can be helpful

Tools Name	Descriptions
Sherlock	Powershell script to find local exploits
PowerUp	Powershell script to find local exploits
Winpeas	Windows Priv Escalation Scripts
linPEAS	Linux Priv Escalation Scripts
LSE	Another Linux Priv Escalation Script
Rubeus	Kerberos Abuse tool
AD ACL Scanner	Powershell script that report DACLs and SACLs
Seatbelt	Seatbelt is a C# project that performs a number of security oriented host-survey “safety checks”
ElevateKit	Cobalt Strike Kit for Priv Escalation

Persistence

To be continue

Exfiltration

To be continue

Note: This document is not complete yet. I will update soon!