Red Team Tools Collection

This is a collection of red teaming tools that will help in red team engagements. The list is not complete, so i will keep updating it!


These tools are used to gather information passively or actively.

Tools NameDescriptions
NmapPort/Service/Vulnerability Scanner
DnsRecon, AmassDNS Enumeration Tool
NiktoWebsite Misconfiguration Finder
Burp Suite ProWeb Analyzing Semi-auto Tool
theHarvesterFind sub-domain, email address and employee info
MetgoofilExtract pdf,doc,xls, etc
SpiderFootOpen-source Information Gathering framework
Recon-ngOpen-source Information Gathering framework

Weaponization & Initial Foothold

Cracking Password

Password attacking tools for initial footholds

Tools NameDescriptions
CUPPCommon User Passwords Profiler
CeWLCustom Word List generator
RulerExchange Server Password Spraying
HydraPassword Brute Forcer can be used for Password Spraying too
HashcatOffline hash cracking tool

Payload Development

Useful tools to develop payloads!

Tools NameDescriptions
UnicornPayload Creation Tools for Microsoft Office
Office-DDE-PayloadsCollection of scripts and templates to generate Word and Excel documents embedded with the DDE, macro-less command execution technique
The Social-Engineer ToolkitOpen-source social engineering framework
DotNetToJScriptConvert .Net App to Javascript
Meta TwinFile resource cloner
SharpShooterPayload creation framework
Invoke-ObfuscationPowershell script Obfuscation tool.
EmbedInHTMLHide file in HTML
macro_packPayload Creation tool(Pro for advanced feature like AV evasion)
BeEFBrowser Exploitation Framework(XSS)
ScareCrowScareCrow is a payload creation framework
IVYIvy is a payload creation framework for the execution of arbitrary VBA (macro) source code in memory.
charlottec++ fully undetected shellcode launcher
Offensive-VBAVBA script collection

Payload Delivery

Some tools to deliver your payloads.

Tools NameDescriptions
GophishOpen-sources phishing Toolkit
King-PhisherPhishing Toolkit
FiercePhishFiercePhish is a full-fledged phishing framework to manage all phishing engagements.

Command & Control

The C2 framework, where you receive your reverse connection.

Tools NameDescriptions
Poshc2Proxy aware C2 Framework
EmpireEmpire 4 is a post-exploitation framework that includes a pure-PowerShell Windows agents,
Python 3.x Linux/OS X agents, and C# agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects.
MerlinMerlin is a cross-platform post-exploitation Command & Control server and agent written in Go.
MSFOpen-source Pentesting framework can be used as C2
Cobalt StrikePopular paid command and control software

AD & Lateral Movement

Helpful tools to move one computer to another.

Tools NameDescriptions
PowerViewActive Directory Recon Tool
PowerUpSQLSQL Server Attacking tool
Sharphound,BloodhoundActive Directory Recon Tool
ResponderLLMNR, NBT-NS and MDNS poisoner
ImpacketCollection of python scripts
MimikatzPassword Dumping and Lateral Movement tool
CrackMapExecThis is a post-exploitation tool that helps automate assessing the security of large Active Directory networks.
MoveKitCobalt Strike kit for Lateral Movement


If you need to escalate the privilege, these tools can be helpful

Tools NameDescriptions
SherlockPowershell script to find local exploits
PowerUpPowershell script to find local exploits
WinpeasWindows Priv Escalation Scripts
linPEASLinux Priv Escalation Scripts
LSEAnother Linux Priv Escalation Script
RubeusKerberos Abuse tool
AD ACL ScannerPowershell script that report DACLs and SACLs
SeatbeltSeatbelt is a C# project that performs a number of security oriented host-survey “safety checks”
ElevateKitCobalt Strike Kit for Priv Escalation


To be continue


To be continue

Note: This document is not complete yet. I will update soon!