Tools and Techniques for Red Team / Penetration Testing
#大语言模型#🐢 Open-Source Evaluation & Testing library for LLM Agents
#大语言模型#Adversary simulation and Red teaming platform with AI
The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
Sandman is a NTP based backdoor for hardened networks.
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Nimbo-C2 is yet another (simple and lightweight) C2 framework
Venom is a library that meant to perform evasive communication using stolen browser socket
Compiled tools for internal assessments
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
Generic PE loader for fast prototyping evasion techniques
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
Repo containing cracked red teaming tools.
Spoofing desktop login applications with WinForms and WPF
smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares
Self-hosted passive subdomain continous monitoring tool.
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
#自然语言处理#Framework for testing vulnerabilities of large language models (LLM).
A fast and comprehensive tool for organizational network scanning