# redteam-toolkit
Curated collection of red team scripts, cheatsheets, payloads, and reporting templates.
Built for authorized penetration testing, CTF competitions, and security research.
## What's inside
| Category | Files | Description |
|:---------|:-----:|:------------|
| [`active-directory/`](active-directory/) | 18 | Kerberoast, ASREPRoast, BloodHound, ADCS abuse, NTLM relay, ACL attacks, lateral movement |
| [`web/`](web/) | 5 | OWASP testing helpers, Burp automation, API fuzzing, authentication bypass |
| [`cloud/`](cloud/) | 5 | AWS / Azure / GCP enumeration, IAM escalation, metadata service exploitation |
| [`windows/`](windows/) | 8 | Local enumeration, privilege escalation, persistence, credential harvesting |
| [`linux/`](linux/) | 5 | SUID/capabilities, kernel exploits, cron abuse, container escapes |
| [`network/`](network/) | 2 | Quick recon, service enumeration, network-level attacks |
| [`recon/`](recon/) | 5 | OSINT, subdomain enumeration, attack surface mapping, EASM |
| [`phishing/`](phishing/) | 8 | Email templates, infrastructure setup, credential harvesting, awareness campaigns |
| [`devops/`](devops/) | 4 | CI/CD pipeline exploitation, secrets extraction, artifact abuse |
| [`payloads/`](payloads/) | 9 | Reverse shells, SQLi, XSS, LFI, RCE, SSTI, XXE, JWT bypass |
| [`cheatsheets/`](cheatsheets/) | 9 | Nmap, hashcat, msfvenom, pivoting, reverse shells, privilege escalation |
| [`wordlists/`](wordlists/) | 1 | Custom wordlists and links to community lists |
| [`reporting/`](reporting/) | 6 | Finding templates, executive summaries, red team report structure |
| [`engagements/`](engagements/) | — | Engagement templates and methodology (PTES/OWASP/MITRE ATT&CK) |
## Quick Start
```bash
git clone https://github.com/AbrahamOP/redteam-toolkit.git
cd redteam-toolkit
```

**Run a quick recon:**

```bash
./network/quick-recon.sh

# Check the cheatsheet
cat cheatsheets/msfvenom.md
```
## Highlights
### Active Directory
- Full Kerberoast / ASREPRoast automation
- BloodHound data collection and analysis helpers
- ADCS (Active Directory Certificate Services) abuse scripts
- NTLM relay attack setup
- ACL-based privilege escalation
### Cloud
- AWS IAM enumeration and privilege escalation
- Azure/GCP metadata service exploitation
- Cross-cloud lateral movement techniques
### DevOps
- CI/CD pipeline poisoning (GitHub Actions, GitLab CI, Jenkins)
- Secrets extraction from build artifacts
- Supply chain attack vectors
## Structure Conventions
- Every script has a **header**: usage, dependencies, example output
- No real credentials or targets committed (see `.gitignore`)
- Large wordlists: link to source, not the archive
- Tool outputs → `output/` directory (gitignored)
- Engagement data → `engagements/-/` (gitignored for private data)
## Index
See [INDEX.md](INDEX.md) for the full file-by-file index with descriptions.
## Disclaimer
**Authorized use only.** See [DISCLAIMER.md](DISCLAIMER.md) for the full legal notice.
These tools are provided for authorized penetration testing, CTF competitions, bug bounty programs, and security research. Unauthorized access to computer systems is illegal. You are solely responsible for ensuring you have proper written authorization before using any tool in this repository.
## License
[MIT](LICENSE)