Offensive Ops
25 tools indexed
Red team and offensive operations tooling including C2 frameworks, evasion techniques, lateral movement utilities, and specialized attack tools. Built for authorized penetration testing and adversary simulation exercises.
Mythic
Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Rubeus
C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Certipy
Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.
BeEF
Browser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.
Social-Engineer Toolkit
Open-source social engineering framework. Spear-phishing, web attacks, USB/HID attacks, and credential harvesting.
Quasar RAT
Open-source remote administration tool for Windows. Full remote desktop, keylogger, file manager, and reverse proxy.
Donut
Generates position-independent shellcode from .NET assemblies, PE files, and DLLs. Load anything in memory.
ScareCrow
Payload creation framework for EDR bypass. Generates loaders using WinAPI syscalls to evade userland hooks.
SharpCollection
Nightly builds of common C# offensive tools. Pre-compiled Rubeus, Seatbelt, SharpUp, Certify, and 50+ more.
Seatbelt
C# safety checks for offensive operations. Enumerates host security config, credentials, and interesting data.
HackRF One
Open-source software-defined radio platform. Transmit and receive 1 MHz to 6 GHz. The hardware hacker's SDR.
USB Rubber Ducky Payloads
Payload repository for USB Rubber Ducky and BadUSB devices. Keystroke injection scripts for every scenario.
pwncat
Post-exploitation platform and target management. Automatic privesc, persistence, file transfer: the smart reverse shell.
Villain
Windows and Linux backdoor generator and handler. Auto-obfuscation, multi-session, and reverse shell management.
Creepy
Geolocation OSINT tool. Aggregates location data from social media, photos, and online services on a map.
pwndrop
Self-deployable file hosting for red teams. Upload payloads, host phishing files, serve implants, with HTTPS and Let's Encrypt.
Stegseek
Lightning fast steganography brute-forcer. Cracks steghide passwords at 200+ GB/s using wordlists.
Peirates
Kubernetes penetration testing tool. Exploit misconfigs, steal secrets, move laterally in K8s clusters.
Pacu
AWS exploitation framework. Enumerate, escalate, and exfiltrate across AWS services. The Metasploit of cloud.
Prowler
Cloud security assessment tool. 300+ checks for AWS, Azure, GCP, and Kubernetes against CIS benchmarks.
Starkiller
Frontend GUI for PowerShell Empire: manage listeners, agents, and modules through a modern Electron interface.
hoaxshell
Unconventional Windows reverse shell using HTTP(S) traffic, fully undetectable by Microsoft Defender.