Infrastructure (phishing, C2, redirector)

Red Team Infrastructure - Phishing, redirector, etc and automation

DLS 2024 - RedTeam Fails - “Oops my bad I ruined the operation”Swissky’s adventures into InfoSec World !

Living Off Trusted Sites

LOTS Project - Living Off Trusted Sites

Phishing

Social Engineering | Red Team Guides

Top Phishing TechniquesRedTeamRecipe

Easy Phishing Infrastructure Setup for Red TeamingPayatu

Tools

Gophish - Open Source Phishing Framework

Install gophish

Gone Phishing: Installing GoPhish and Creating a Campaign - Black Hills Information SecurityBlack Hills Information Security

GitHub - htr-tech/zphisher: An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !GitHub

GitHub - trustedsec/social-engineer-toolkit: The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.GitHub

GitHub - fin3ss3g0d/evilgophish: evilginx2 + gophishGitHub

GitHub - rsmusllp/king-phisher: Phishing Campaign ToolkitGitHub

Ansible:

GitHub - VirtualSamuraii/flyphish: Deploy a phishing infrastructure on the fly.GitHub

Remove IoC from Gophish

GitHub - puzzlepeaches/sneaky_gophish: Hiding GoPhish from the boys in blueGitHub

Users emails

Social Media

Email reputation:

https://emailrep.io/emailrep.io

Valid emails

GitHub - 0xhav0c/valid-email-scanner: Valid Email Address ScannerGitHub

Template to use

GitHub - simplerhacking/Evilginx3-Phishlets: This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.GitHub

GitHub - BiZken/PhishMailer: Generate Professional Phishing Emails Fast And EasyGitHub

https://x.com/nullenc0de/status/1848361811881435474

GitHub - nullenc0de/servicelens: ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify services, categorizing them into Email, Cloud, Security, and more.GitHub

Generate Typo Squatting

GitHub - urbanadventurer/urlcrazy: Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.GitHub

Check the availability and responsiveness of domains

GitHub - murat-exp/Domain-Checker-Tool: A high-performance Go-based tool for checking the availability and responsiveness of domains, utilizing both HTTP requests and browser automation for comprehensive analysis.GitHub

Recaptcha Phish

GitHub - JohnHammond/recaptcha-phish: Phishing with a fake reCAPTCHAGitHub

OAuth / QR code phishing

GitHub - secureworks/squarephishGitHub

Okta

GitHub - OtterHacker/OktaGinxGitHub

ShadowPhish - APT Awareness Toolkit

GitHub - CyberSecurityUP/ShadowPhish: ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing, and command & control attacks through an intuitive graphical interface. Perfect for cybersecurity training, red team education, and security awareness programs.GitHub

Offensive VBA

GitHub - S3cur3Th1sSh1t/OffensiveVBA: This repo covers some code execution and AV Evasion methods for Macros in Office documentsGitHub

C2

C2

The C2 MatrixC2 Matrix

Redirector

Redirectors: A Red Teamer’s IntroductionOptiv

GitHub - D00Movenok/BounceBack: ↕️🤫 Stealth redirector for your red team operation securityGitHub

GitHub - OtterHacker/AWSRedirectorGitHub

Cloudflare Redirector

GitHub - som3canadian/Cloudflare-Redirector: Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.GitHub

Change IP every 5 minutes

GitHub - OtterHacker/AWSRoundRobinGitHub

Automated Infrastructure

GitHub - RedTeamOperations/Red-Infra-Craft: RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create advanced phishing & payload infrasGitHub

Resilient Infrastructure

GitHub - bluscreenofjeff/Red-Team-Infrastructure-Wiki: Wiki to collect Red Team infrastructure hardening resourcesGitHub

Automating Red Team Infrastructure with Terraform | Red Team Notes

GitHub - 0xS2V2/marsform: terraform deployment for red teamGitHub

Building a Red Team Infrastructure in 2023sse_gmbh

GitHub - SecuraBV/RedWizardGitHub

AWS

Interesting Books

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

• RTFM: Red Team Field Manual v2 A quick reference when there is no time to scour the Internet for that perfect command
• Red Team Development and Operations: A practical guide The authors have moved beyond SANS training and use this book to detail red team operations in a practical guide.
• Cybersecurity Attacks – Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Support this Gitbook

I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.