Cheat Sheet
Red Teaming Tools - Part 1

Here is a collection of open source and commercial tools that help in red team projects and operations. This post will help you choose which framework to work with during red team engagements.

Cobalt Strike

Cobalt Strike is a platform for Adversary Simulations and Red Team Operations. https://cobaltstrike.com

Empire

Empire is a post-exploitation framework that includes cross platform agents for Linux, Mac OS X and Windows operating systems. The latest version of empire is located here: https://github.com/BC-SECURITY/Empire

Metasploit

Metasploit Framework is an exploitation suite that provides prepared exploit code for various vulnerabilities, ready to use in penetration testing projects. https://github.com/rapid7/metasploit-framework

SILENTTRINITY

SILENTTRINITY is a post-exploitation agent powered by Python, IronPython, C#/.NET. https://github.com/byt3bl33d3r/SILENTTRINITY

GCat

Gcat is a Python-based backdoor that uses Gmail as a command and control server. This platform can be used to mimic the behavior of an email client of the Gmail service. https://github.com/byt3bl33d3r/gcat

Pupy

Pupy is a powerful open-source, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool written in pure Python. https://github.com/n1nj4sec/pupy

Koadic

Koadic, or COM Command & Control, is a Windows post-exploitation malware similar to other penetration testing tools such as Meterpreter and PowerShell Empire. https://github.com/zerosum0x0/koadic

PoshC2

PoshC2 is a proxy-aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. https://github.com/nettitude/PoshC2_Python

Merlin

Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. https://github.com/Ne0nd0g/merlin

Quasar

Quasar is a fast and lightweight remote administration tool coded in C#. The administration panel is fantastic and provides high stability and an easy-to-use user interface. https://github.com/quasar/QuasarRAT

Covenant

Covenant is a perfect .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive. The server of this state-of-the-art framework can run on Linux and Windows operating systems and has most of the functionality you need to operate in redops. https://github.com/cobbr/Covenant

Sliver

Sliver is an open source, cross-platform adversary emulation/red team platform that can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary. The server and client support macOS, Windows, and Linux. Implants are supported on macOS, Windows, and Linux (and possibly every Golang compiler target but we've not tested them all). https://github.com/BishopFox/sliver