List of tools used by Red Teams
Reconnaissance
Tool | Description | Website |
---|
AWSBucketDump | S3 bucket enumeration | |
GitHarvester | GitHub credential searcher | |
spoofcheck | SPF/DMARC record checker | |
dnsrecon | Enumerate DNS records | |
jsendpoints | Extract page DOM links | |
| | |
Resource Development
Initial Access
Tool | Description | Website |
---|
EvilGoPhish | Phishing campaign framework | |
SquarePhish | OAuth/QR code phishing framework | |
Bash Bunny | USB attack tool | |
EAP Hammer | | |
SET | The Social-Engineer Toolkit Phishing campaign framework | |
| | |
Execution
Website | Description | Website |
---|
Responder | LLMNR, NBT-NS and MDNS poisoner | |
Evil-WinRM | | |
Rubeus | Rubeus is a C# toolset for raw Kerberos interaction and abuses. | |
| | |
| | |
| | |
Persistence
Tool | Description | |
---|
SharPersist | Windows persistence toolkit is written in C#. For detailed usage information on each technique check my docs. | |
| | |
| | |
| | |
| | |
Privilege Escalation
Tool | | |
---|
WinPEAS | Windows privilege escalation | |
Watson | Windows privilege escalation tool | |
Sherlock | PowerShell privilege escalation tool | |
| | |
| | |
Defense Evasion
| | |
---|
Invoke-Obfuscation | Script obfuscator | |
Veil | Metasploit payload obfuscator | |
| | |
| | |
| | |
Credential Access
| Description | Website |
---|
Mimikatz | | |
SCOMDecrypt | | |
hashcat | | |
Snaffler | Active directory credential collector | |
| | |
| | |
Discovery
Lateral Movement
Collect & Analyze
Tool | Description | Website |
---|
Bloodhound | | |
| | |
Command and Control
Tool | Description | Website |
---|
Covenant | | |
Havoc | | |
Merlin | | |
Metasploit | | |
Cobalt Strike | | |
| | |
Exfiltration
Web Tools
| | |
---|
LOLBins | | |
WADComs | | https://wadcoms.github.io/ |
| | |
| | |
| | |
| | |
Powershell