List of tools used by Red Teams
Reconnaissance
| Tool | Description | Website |
|---|
| AWSBucketDump | S3 bucket enumeration | |
| GitHarvester | GitHub credential searcher | |
| spoofcheck | SPF/DMARC record checker | |
| dnsrecon | Enumerate DNS records | |
| jsendpoints | Extract page DOM links | |
| | |
Resource Development
Initial Access
| Tool | Description | Website |
|---|
| EvilGoPhish | Phishing campaign framework | |
| SquarePhish | OAuth/QR code phishing framework | |
| Bash Bunny | USB attack tool | |
| EAP Hammer | | |
| SET | The Social-Engineer Toolkit Phishing campaign framework | |
| | |
Execution
| Website | Description | Website |
|---|
| Responder | LLMNR, NBT-NS and MDNS poisoner | |
| Evil-WinRM | | |
| Rubeus | Rubeus is a C# toolset for raw Kerberos interaction and abuses. | |
| | |
| | |
| | |
Persistence
| Tool | Description | |
|---|
| SharPersist | Windows persistence toolkit is written in C#. For detailed usage information on each technique check my docs. | |
| | |
| | |
| | |
| | |
Privilege Escalation
| Tool | | |
|---|
| WinPEAS | Windows privilege escalation | |
| Watson | Windows privilege escalation tool | |
| Sherlock | PowerShell privilege escalation tool | |
| | |
| | |
Defense Evasion
| | |
|---|
| Invoke-Obfuscation | Script obfuscator | |
| Veil | Metasploit payload obfuscator | |
| | |
| | |
| | |
Credential Access
| Description | Website |
|---|
| Mimikatz | | |
| SCOMDecrypt | | |
| hashcat | | |
| Snaffler | Active directory credential collector | |
| | |
| | |
Discovery
Lateral Movement
Collect & Analyze
| Tool | Description | Website |
|---|
| Bloodhound | | |
| | |
Command and Control
| Tool | Description | Website |
|---|
| Covenant | | |
| Havoc | | |
| Merlin | | |
| Metasploit | | |
| Cobalt Strike | | |
| | |
Exfiltration
Web Tools
| | |
|---|
| LOLBins | | |
| WADComs | | https://wadcoms.github.io/ |
| | |
| | |
| | |
| | |
Powershell
