Red-Teaming-Toolkit

Red Teaming Toolkit is a curated list of open-source security tools organized for people who conduct adversary simulations, penetration tests, or threat hunting exercises. A red teamer is someone hired by a company to attack their own systems in order to find weaknesses before real attackers do. This repository does not contain original code; it is a reference directory that collects and categorizes existing tools from across the security community.

The tools are grouped by the phase of an attack they relate to. Reconnaissance covers tools for mapping targets, discovering subdomains, scanning for exposed cloud storage, and gathering intelligence from sources like LinkedIn. Initial access covers tools for testing password spraying, generating malicious payloads, and finding ways into systems. Subsequent categories cover situational awareness (understanding the environment once inside), credential dumping (extracting passwords or tokens), privilege escalation (gaining higher-level access), defense evasion (avoiding detection), persistence (maintaining access), lateral movement (moving between systems), and exfiltration (getting data out).

Each entry in the list includes a tool name, a brief description of what it does, and a link to its GitHub repository. The descriptions are short, typically one or two sentences, so this is more of a starting point for research than a deep guide to any individual tool.

The README notes that the tools listed here could be misused by malicious actors, and the intent is to support legitimate security professionals and threat hunters who use the same techniques defensively. The project accepts contributions via pull requests.

The full README is longer than what was shown.