Offensive Ops
52 tools indexed
Red team and offensive operations tooling including C2 frameworks, evasion techniques, lateral movement utilities, and specialized attack tools. Built for authorized penetration testing and adversary simulation exercises.
Mythic
Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Rubeus
C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Certipy
Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.
BeEF
Browser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.
Social-Engineer Toolkit
Open-source social engineering framework. Spear-phishing, web attacks, USB/HID attacks, and credential harvesting.
Quasar RAT
Open-source remote administration tool for Windows. Full remote desktop, keylogger, file manager, and reverse proxy.
Donut
Generates position-independent shellcode from .NET assemblies, PE files, and DLLs. Load anything in memory.
ScareCrow
Payload creation framework for EDR bypass. Generates loaders using WinAPI syscalls to evade userland hooks.
SharpCollection
Nightly builds of common C# offensive tools. Pre-compiled Rubeus, Seatbelt, SharpUp, Certify, and 50+ more.
Seatbelt
C# safety checks for offensive operations. Enumerates host security config, credentials, and interesting data.
HackRF One
Open-source software-defined radio platform. Transmit and receive 1 MHz to 6 GHz. The hardware hacker's SDR.
USB Rubber Ducky Payloads
Payload repository for USB Rubber Ducky and BadUSB devices. Keystroke injection scripts for every scenario.
pwncat
Post-exploitation platform and target management. Automatic privesc, persistence, file transfer - the smart reverse shell.
Villain
Windows and Linux backdoor generator and handler. Auto-obfuscation, multi-session, and reverse shell management.
Creepy
Geolocation OSINT tool. Aggregates location data from social media, photos, and online services on a map.
pwndrop
Self-deployable file hosting for red teams. Upload payloads, host phishing files, serve implants - with HTTPS and Let's Encrypt.
Stegseek
Lightning-fast steganography brute-forcer. Cracks steghide passwords at 200+ GB/s using wordlists.
Peirates
Kubernetes penetration testing tool. Exploit misconfigs, steal secrets, move laterally in K8s clusters.
Pacu
AWS exploitation framework. Enumerate, escalate, and exfiltrate across AWS services. The Metasploit of cloud.
Prowler
Cloud security assessment tool. 300+ checks for AWS, Azure, GCP, and Kubernetes against CIS benchmarks.
Starkiller
Frontend GUI for PowerShell Empire - manage listeners, agents, and modules through a modern Electron interface.
hoaxshell
Unconventional Windows reverse shell using HTTP(S) traffic - fully undetectable by Microsoft Defender.
Penelope
Advanced reverse shell handler. Auto-upgrades shells to PTY, handles multiple sessions, with built-in file transfer and logging.
PetitPotam
NTLM relay coercion tool. Forces Windows machines to authenticate via MS-EFSRPC, enabling relay attacks for domain compromise.
Whisker
Shadow Credentials attack tool. Adds rogue Key Credentials to AD objects for Kerberos authentication without knowing passwords.
CALDERA
MITRE ATT&CK-based automated adversary emulation platform for red team operations and security testing.
Pupy
Cross-platform remote administration and post-exploitation tool with in-memory execution.
Faraday
Collaborative penetration testing and vulnerability management platform.
Amber
Reflective PE packer converting native PE files to position-independent shellcode.
RedELK
Red team OPSEC monitoring and tracking using ELK stack integration.
PayloadsAllTheThings
Comprehensive reference of payloads and bypasses for web application pentesting.
PHPSploit
Stealth post-exploitation C2 framework tunneled through PHP web servers.
Ronin
Ruby toolkit for security research with built-in exploit development and recon.
Merlin
Cross-platform HTTP/2 command and control server and agent written in Go. Supports QUIC, HTTP/3, and encrypted communications.
Empire
Post-exploitation and adversary emulation framework with PowerShell, Python, and C# agents. BC-Security maintained fork.
WinPwn
Automated Windows internal penetration testing toolkit. Runs recon, privesc, credential extraction, and lateral movement in one script.
Inveigh
.NET/PowerShell LLMNR, NBNS, mDNS, DNS, and DHCPv6 spoofing tool with integrated relay attack support.
Weevely
Weaponized PHP web shell with 30+ modules for post-exploitation, pivoting, and privilege escalation through a tiny backdoor.
Commando VM
Mandiant's Windows-based penetration testing distribution. Automated installer for 140+ offensive security tools on Windows.
MailSniper
PowerShell tool for searching through Exchange and Office 365 email for sensitive data, credentials, and insider threat indicators.
DomainPasswordSpray
PowerShell tool for performing password spray attacks against Active Directory domain accounts with lockout-aware throttling.
Ruler
Tool for abusing Exchange services to gain remote code execution via Outlook mail rules, forms, and home page exploitation.
PrivescCheck
Windows privilege escalation enumeration script. Checks services, scheduled tasks, registry, credentials, and dozens of escalation vectors.
PingCastle
Active Directory security assessment tool that generates risk scores and identifies misconfigurations, trust issues, and attack paths.
SSH-Snake
Self-propagating, fileless network traversal tool that discovers and uses SSH keys to map reachable infrastructure.
emp3r0r
Self-healing mesh C2 framework with agent persistence, steganography transport, and automated post-exploitation for Linux.
HexStrike AI
MCP server giving AI agents access to 150+ cybersecurity tools for automated pentesting, vulnerability discovery, and bug bounty automation.
Decepticon
Autonomous red team agent executing full kill chains from recon through C2 with MITRE ATT&CK mapping and Neo4j knowledge graph.
RedAmon
AI-powered agentic red team framework automating recon through exploitation with LangGraph, Neo4j, and 70+ integrated tools.