Tool
Framework
Penetration Testing & Red Teaming

Red-Teaming-Toolkit

by infosecn1nja

10.0K stars
2.3K forks
430 watchers
Updated 3 months ago
About

A curated collection of cutting-edge open-source security tools for red teamers and threat hunters, covering reconnaissance, initial access, and beyond.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Primary Use Case

This repository serves as a comprehensive resource for offensive security professionals and threat hunters by aggregating a wide array of open-source tools. It aims to streamline the adversary simulation process and aid in the development of detection and prevention controls by providing access to tools for various stages of an attack lifecycle.

Key Features
  • Comprehensive coverage of red teaming phases (Reconnaissance, Initial Access, Defense Evasion, etc.)
  • Includes tools for OSINT, exploitation, and threat hunting
  • Focuses on cutting-edge open-source security tools
  • Facilitates adversary simulation
  • Aims to improve detection and prevention capabilities

Installation

  • Clone the repository: git clone https://github.com/infosecn1nja/Red-Teaming-Toolkit.git
  • Navigate to the cloned directory: cd Red-Teaming-Toolkit
  • Follow individual tool installation instructions as provided in their respective READMEs or linked URLs.

Usage

>_ RustScan

The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported).

>_ Amass

In-depth Attack Surface Mapping and Asset Discovery

>_ gitleaks

Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys, and tokens in git repos.

>_ S3Scanner

Scan for open S3 buckets and dump the contents

>_ cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

>_ Recon-ng

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

>_ buster

An advanced tool for email reconnaissance

>_ linkedin2username

OSINT Tool: Generate username lists for companies on LinkedIn

>_ WitnessMe

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

>_ pagodo

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

>_ AttackSurfaceMapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

>_ SpiderFoot

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.

>_ dnscan

dnscan is a python wordlist-based DNS subdomain scanner.

>_ spoofcheck

A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.

>_ LinkedInt

LinkedIn Recon Tool

Security Frameworks
Reconnaissance
Initial Access
Execution
Persistence
Exfiltration
Usage Insights
  • Integrate this toolkit with automated attack simulation platforms to enhance red team efficiency.
  • Use the reconnaissance tools in threat hunting to proactively identify attacker footholds and improve detection rules.
  • Leverage the credential dumping and lateral movement tools for purple team exercises to test blue team detection and response capabilities.
  • Continuously update and curate the toolkit with community contributions to stay ahead of emerging attacker techniques.
  • Combine with SIEM and EDR solutions to correlate red team activities with detection alerts for comprehensive security posture assessment.


Security Profile
Red Team: 90%
Blue Team: 40%
Purple Team: 70%
Details
License: GNU General Public License v3.0
Open Issues: 15
Topics
red-team
hacking
infosec
pentesting