R

redteam

Push notification demo based on malware seen in the wild.

C.A.R.P. is a pentest tool that delivers a remote, browser-in-the-browser experience for multi-campaign phishing, credential capture, and session hijacking (bypassing MFA). A target user visits a campaign URL they see a full-screen browser (noVNC + Firefox) that loads a target site you configure (e.g. a login page). Each visitor gets their own isolated Docker container, so sessions don’t mix. Keystrokes are logged per session, and you manage everything (campaigns, sessions, keylogs, idle timeouts) from a single Admin UI.

Pr0filer is a reconnaissance tool for browsers, implemented in JS and PHP. Its purpose is to gather information from the victim for further targeted attacks.

Red Team Automation tool powered by go and terraform.

Red Team operations require substantial efforts to both create implants and a resilient C2 infrastructure. SiestaTime aims to merge these ideas into a tool with an easy-to-use GUI, which facilita