threatexpress/red-team-scripts external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

threatexpress/red-team-scripts

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/threatexpress/red-team-scripts)

Close

threatexpress / red-team-scriptsView on GitHubMore

• External links
• Readme badge

A collection of Red Team focused tools, scripts, and notes

☆1,146Nov 19, 2024Updated last year

Alternatives and similar repositories for red-team-scripts

Users that are interested in red-team-scripts are comparing it to the libraries listed below

• Mr-Un1k0d3r / RedTeamPowershellScripts

  View on GitHub
  Various PowerShell scripts that may be useful during red team exercise
  ☆961Apr 28, 2022Updated 3 years ago
• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  View on GitHub
  Wiki to collect Red Team infrastructure hardening resources
  ☆4,450Oct 1, 2025Updated 5 months ago
• vysecurity / RedTips

  View on GitHub
  Red Team Tips as posted by @vysecurity on Twitter
  ☆1,068Apr 26, 2020Updated 5 years ago
• Mr-Un1k0d3r / PowerLessShell

  View on GitHub
  Run PowerShell command without invoking powershell.exe
  ☆1,533Mar 23, 2023Updated 2 years ago
• harleyQu1nn / AggressorScripts

  View on GitHub
  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
  ☆1,529Jun 30, 2023Updated 2 years ago
• cobbr / SharpSploit

  View on GitHub
  SharpSploit is a .NET post-exploitation library written in C#
  ☆1,861Aug 12, 2021Updated 4 years ago
• killswitch-GUI / CobaltStrike-ToolKit

  View on GitHub
  Some useful scripts for CobaltStrike
  ☆859Dec 17, 2020Updated 5 years ago
• outflanknl / RedELK

  View on GitHub
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,624Dec 13, 2025Updated 2 months ago
• mdsecactivebreach / SharpShooter

  View on GitHub
  Payload Generation Framework
  ☆1,972Aug 21, 2024Updated last year
• Cn33liz / p0wnedShell

  View on GitHub
  PowerShell Runspace Post Exploitation Toolkit
  ☆1,548Aug 2, 2019Updated 6 years ago
• hausec / ADAPE-Script

  View on GitHub
  Active Directory Assessment and Privilege Escalation Script
  ☆1,132Dec 7, 2022Updated 3 years ago
• Mr-Un1k0d3r / MaliciousMacroGenerator

  View on GitHub
  Malicious Macro Generator
  ☆830Apr 17, 2019Updated 6 years ago
• d0nkeys / redteam

  View on GitHub
  Red Team Scripts by d0nkeys (ex SnadoTeam)
  ☆702Jul 27, 2020Updated 5 years ago
• rvrsh3ll / Misc-Powershell-Scripts

  View on GitHub
  Random Tools
  ☆850Oct 20, 2022Updated 3 years ago
• S3cur3Th1sSh1t / WinPwn

  View on GitHub
  Automation for internal Windows Penetrationtest / AD-Security
  ☆3,644Aug 28, 2025Updated 6 months ago
• infosecn1nja / Red-Teaming-Toolkit

  View on GitHub
  This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
  ☆10,150Sep 29, 2025Updated 5 months ago
• Kevin-Robertson / Invoke-TheHash

  View on GitHub
  PowerShell Pass The Hash Utils
  ☆1,724Dec 9, 2018Updated 7 years ago
• p3nt4 / PowerShdll

  View on GitHub
  Run PowerShell with rundll32. Bypass software restrictions.
  ☆1,822Mar 17, 2021Updated 4 years ago
• GhostPack / SafetyKatz

  View on GitHub
  SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
  ☆1,308Oct 1, 2019Updated 6 years ago
• nccgroup / redsnarf

  View on GitHub
  RedSnarf is a pen-testing / red-teaming tool for Windows environments
  ☆1,213Sep 14, 2020Updated 5 years ago
• bluscreenofjeff / AggressorScripts

  View on GitHub
  Aggressor scripts for use with Cobalt Strike 3.0+
  ☆885Sep 9, 2022Updated 3 years ago
• hlldz / Phant0m

  View on GitHub
  Windows Event Log Killer
  ☆1,810Sep 21, 2023Updated 2 years ago
• dafthack / MailSniper

  View on GitHub
  MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…
  ☆3,213Aug 7, 2025Updated 6 months ago
• mdsecactivebreach / CACTUSTORCH

  View on GitHub
  CACTUSTORCH: Payload Generation for Adversary Simulations
  ☆1,014Jul 3, 2018Updated 7 years ago
• Mr-Un1k0d3r / RedTeamCSharpScripts

  View on GitHub
  C# Script used for Red Team
  ☆723Nov 16, 2021Updated 4 years ago
• Kevin-Robertson / Inveigh

  View on GitHub
  .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
  ☆2,913Nov 19, 2025Updated 3 months ago
• byt3bl33d3r / SILENTTRINITY

  View on GitHub
  An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
  ☆2,323Dec 6, 2023Updated 2 years ago
• marcosValle / awesome-windows-red-team

  View on GitHub
  A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
  ☆600Feb 20, 2020Updated 6 years ago
• eladshamir / Internal-Monologue

  View on GitHub
  Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
  ☆1,642Oct 11, 2018Updated 7 years ago
• threatexpress / domainhunter

  View on GitHub
  Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain name…
  ☆1,643Jun 6, 2024Updated last year
• nccgroup / demiguise

  View on GitHub
  HTA encryption tool for RedTeams
  ☆1,422Nov 9, 2022Updated 3 years ago
• infosecn1nja / AD-Attack-Defense

  View on GitHub
  Attack and defend active directory using modern post exploitation adversary tradecraft activity
  ☆4,799Jul 29, 2025Updated 7 months ago
• GhostPack / KeeThief

  View on GitHub
  Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
  ☆957Nov 18, 2020Updated 5 years ago
• cobbr / Covenant

  View on GitHub
  Covenant is a collaborative .NET C2 framework for red teamers.
  ☆4,620Jul 18, 2024Updated last year
• cyberark / ACLight

  View on GitHub
  A script for advanced discovery of Privileged Accounts - includes Shadow Admins
  ☆826Sep 9, 2019Updated 6 years ago
• trustedsec / unicorn

  View on GitHub
  Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po…
  ☆3,900Jan 24, 2024Updated 2 years ago
• sense-of-security / ADRecon

  View on GitHub
  ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the…
  ☆1,888Jun 15, 2020Updated 5 years ago
• curi0usJack / luckystrike

  View on GitHub
  A PowerShell based utility for the creation of malicious Office macro documents.
  ☆1,109Nov 3, 2017Updated 8 years ago
• shr3ddersec / Shr3dKit

  View on GitHub
  Red Team Tool Kit
  ☆1,133Dec 8, 2022Updated 3 years ago