Skip to content

Ixve/Red-Team-Tools

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 

Repository files navigation

⚠️ WARNING ⚠️

As of 1/27/2024 these tools will not be checked for malware using any sort of environment, you are responsible for any damages done to your computer, run these strictly in a VM environment.

Make sure to read notes at the bottom before opening any issue.

Cracked Red Teaming Tools.

This is a full collection of red teaming tools which have been cracked by other people, if you need me to find anything, let me know via the issues tab.

ℹ Sandboxes ℹ

Sandboxing is useful when it comes to testing whether or not the tools contain malware, and it is strongly recommended to do so depending on the tool size.

Name Link Description
AnyRun any.run A (mostly) free online interactive VM/sandbox, one of the best out there, requires business e-mail, however limited to 5 minutes per sample including a 16MB sample size (Bypassable up to 100-300MB) for free tier accounts
TRIAGE tria.ge A completely free online interactive VM/sandbox, less informative compared to AnyRun, however it needs just a singular log in using any email or even GitHub, with up to a 30-minute sample time limit and no sample size limit.
HybridAnalysis hybrid-analysis.com A completely (login-)free online sandbox, unlike the others it is not interactive, has a 100MB file size limit and has a very long queue to get your file analyzed.
JoeSandbox joesandbox.com Appears to be a fully interactive online VM/sandbox with a 100MB file size limit, however I have never personally used it.
CUCKOO cuckoo.cert.ee A non-interactive completely (login-)free online sandbox, appears to have no file size limit and I have rarely used it personally.

🐀 C2/RATs 🐀

Windows
Tool Link
Cobalt Strike v4.9 (PW: 20231004_2218) Download
Brute-Ratel v1.2.2 (Scandinavian Defense) Download
VenomRAT v6.0.1 Download
Android
Tool Link
CraxsRAT v6? (⚠️ READ NOTES ⚠️) Download
SpyNote v6.4 SpyNote is outdated, wait for SpyNote X cracks to surface or use the tool above.



🎭 Exploitation Toolkits/Software 🎭

Windows
Tool Link
Immunity CANVAS v7.27 Download
Quantum .lnk Exploit Builder (02-10-22) Download
JexBot v1.0 (READ NOTES) Download



🌐 Web App Security Tools 🌐

Windows
Tool Link
Invicti Pro v24.1 Download
Burp Suite PRO v2023.6.1 (Install Script) Download
Acunetix Scanner v24.1 (Install Script) Download
Xray Pro v1.9.10 Download
HCL AppScan Standard v10.4.0 Download
Linux
Tool Link
Acunetix Scanner v24.1 Download
Xray Pro v1.9.11 Download



📝 Notes 📝

General

Most of these tools are obtained from CyberArsenal and xss.is, credits for the cracks go to them.

If an archive asks for a password, try pwn3rzs, Pwn3rzs, xss.is, XSS.IS or exploit.in

Cobalt Strike

Cobalt Strike requires you to deploy the teamserver on a Linux install such as Ubuntu, or whatever distro of your choice.
In order to run the Cobalt Strike client on your Windows install, you will have to run the following command:
java -XX:ParallelGCThreads=4 -XX:+AggressiveHeap -XX:+UseParallelGC -Xms512M -Xmx1024M -jar cobaltstrike-client.jar.

On Linux, you can simply run start.sh.

Brute-Ratel

I am not sure whether or not this version of Brute-Ratel works properly, it has not been tested at all, however from the few basic functions I am assuming it works. If it does not, someone let me know.

If Brute-Ratel fails to compile the badger.bin into a badger.exe you can use the following to manually compile it: cat badger.bin | msfvenom -p - -f exe --platform win -a x64 -o badger.exe

CraxsRat

This version of CraxsRAT appears to be quite unstable when it comes to connections, if someone wants me to, I can attempt to find a newer version of this rat.

Immunity CANVAS

Immunity CANVAS contains the following: D2 Exploitation Pack v2.55 & White Phosphorus v1.28.

HCL AppScan

Upon installing AppScan make sure to replace the installed DLLs with the cracked ones.

JexBot v1.0
  1. Run add_hosts.bat as administrator, if you get an "Access Denied" error, open "C:\Windows\System32\drivers\etc\hosts" and add the following:
127.0.0.1 jex.tools
127.0.0.1 www.jex.tools
  1. Run "Jex_crack.exe" and then open "JEX BOT.exe"
  2. Put mastercho as the username and password and press login. Note: After logging into the JexBot, you may close "Jex_crack.exe", however you will have to re-open "Jex_crack.exe" every time you want to open the JexBot.
Craxs RAT v6?

I am not sure if this is malware, as it is a remake of crax I've found on the xss.is forums going under "Anonymous V6", and it was also leaked according to OP.
Archive password: suspicious

Run strictly in a VM environment.