One, two, three… 12 Powerful Pentesting Tools from Red Siege

Red Siege Specialists shared a set of open source tools designed to make pentesting faster and more convenient. All of them are available on GitHub.

“I enjoy writing code, turning it into a logic puzzle to create powerful software tools. I feel satisfaction when I watch my programs work, for example, EyeWitness, I am proud of myself and I understand that time is well spent. <…> I release my creations to the public in the hope that they will benefit others as much as I do,” said Chris Truncer, Senior Security Consultant and Director of Education at Red Siege.

autofunkt — A Python script that automates the creation of cloud redirectors without a server from Cobalt Strike malleable C2 profiles.

C2concealer is a command line utility that generates random C2 profiles for Cobalt Strike.

DigDug – adds words from the dictionary to the executable file, increasing its size to the desired one. This approach can help bypass security systems that analyze the entropy level to check trust.

dumpCake – allows you to monitor authentication attempts through the SSH daemon. This tool will be useful for recording hacking attempts.

eyewitness – a utility for taking snapshots of websites, collecting information about servers and, if possible, identifying default credentials. Significantly reduces time when working with a large number of sites.

EDD – Enumerate Domain Data – a tool for enumerating domain data, created as an analogue of PowerView, but implemented in .NET.

GPPDeception – the script creates a groups.xml file that mimics a real GPP to generate a new user on computers included in the domain.

Just-Metadata is a tool that collects and analyzes metadata about IP addresses, revealing relationships between systems in a large dataset.

ProxmarkWrapper is a Proxmark3 client wrapper that sends a text notification (or email) when an RFID card is captured.

wappybird is a tool that allows you to find web technologies with optional CSV output. It is also possible to store all collected data in a directory with a subdirectory for each host.

WMImplant is a PowerShell-based tool that uses WMI to perform actions on target machines. Also used as a C2 channel to send commands and receive results.

WMIOps is a PowerShell script that uses WMI to perform actions on hosts in a Windows environment. Designed primarily for use in pentests or red teams.