Complete List of Free Red Teaming Tools & Simulation Toolkit For Red Team Operations 2021

We are bringing here a collection of open-source and commercial Red Team tools that aid in red team operations. This repository will help you with the majority part of red team engagement. You can also join the Certified Red Team Expert program to become a master in red team operation and understand real-world attacks.

Read Team Field Manual

Contents

  • Reconnaissance
  • Weaponization
  • Delivery
  • Command and Control
  • Lateral Movement
  • Establish Foothold
  • Escalate Privileges
  • Data Exfiltration
  • Misc
  • References

Reconnaissance

Active Intelligence Gathering

Passive Intelligence Gathering

Frameworks

Weaponization

Delivery

Phishing

Watering Hole Attack

Command and Control

Remote Access Tools

Staging

Lateral Movement

Establish Foothold

Escalate Privileges

Domain Escalation

Local Escalation

Data Exfiltration

Misc

Adversary Emulation

Wireless Networks

Embedded & Peripheral Devices Hacking

  • magspoof a portable device that can spoof/emulate any magnetic stripe, credit card or hotel card “wirelessly”, even on standard magstripe (non-NFC/RFID) readers. https://github.com/samyk/magspoof
  • WarBerryPi was built to be used as a hardware implant during red teaming scenarios where we want to obtain as much information as possible in a short period of time with being as stealth as possible. https://github.com/secgroundzero/warberry
  • P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor). https://github.com/mame82/P4wnP1
  • malusb HID spoofing multi-OS payload for Teensy. https://github.com/ebursztein/malusb
  • Fenrir is a tool designed to be used “out-of-the-box” for penetration tests and offensive engagements. Its main feature and purpose is to bypass wired 802.1x protection and to give you an access to the target network. https://github.com/Orange-Cyberdefense/fenrir-ocd
  • poisontap exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js. https://github.com/samyk/poisontap
  • WHID WiFi HID Injector – An USB Rubberducky / BadUSB On Steroids. https://github.com/whid-injector/WHID
  • PhanTap is an ‘invisible’ network tap aimed at red teams. With limited physical access to a target building, this tap can be installed inline between a network device and the corporate network. https://github.com/nccgroup/phantap

Software For Team Communication

  • RocketChat is free, unlimited and open source. Replace email & Slack with the ultimate team chat software solution. https://rocket.chat
  • Etherpad is an open source, web-based collaborative real-time editor, allowing authors to simultaneously edit a text document https://etherpad.org/

Log Aggregation

C# Offensive Framework

Labs

Scripts

References

Source & Credits: @infosecn1nja