R

redteam

Tomcat backdoor based on CS blog

Push notification demo based on malware seen in the wild.

USB Modem/IAX2 War Dialer

JA4 proxy tooling.

Canary Detection

Deployment scripts for automated labs.

C.A.R.P. is a pentest tool that delivers a remote, browser-in-the-browser experience for multi-campaign phishing, credential capture, and session hijacking (bypassing MFA). A target user visits a campaign URL they see a full-screen browser (noVNC + Firefox) that loads a target site you configure (e.g. a login page). Each visitor gets their own isolated Docker container, so sessions don’t mix. Keystrokes are logged per session, and you manage everything (campaigns, sessions, keylogs, idle timeouts) from a single Admin UI.

Pr0filer is a reconnaissance tool for browsers, implemented in JS and PHP. Its purpose is to gather information from the victim for further targeted attacks.

Lab environment for researching antivirus evasion using Shellter and PowerShell, including setup steps, documentation, and safe payload workflow.

Portable network scanner with some limited opsec capabilities.

Powershell script to hide a .dll into a link using alternate data stream (ADS), then place the .lnk file into an NTFS virtual hard disk (VHD). The link will run the dll leveraging rundll32.

C# project to exfiltrate data as compressed zip file from target computer to Dropbox using Dropbox API during red team engagement.

Red Team Automation tool powered by go and terraform.

Red Team operations require substantial efforts to both create implants and a resilient C2 infrastructure. SiestaTime aims to merge these ideas into a tool with an easy-to-use GUI, which facilita

Engagement Tool Set

Arducky - Arduino Ducky Script Interpreter

Powershell Empire in Docker