RedTeamScript — Attack Script Library
RedTeamScript runs Python attack scripts from the AllySec Forge skill library — 147 stdlib-only Python scripts across 19 skill suites. Use this when KaliTool doesn't cover the specific attack scenario.
Skill Suites
| Suite | Scripts | Domain |
|---|---|---|
recon-dominator | 9 | Passive/active recon, OSINT, Google dorking, port scanning, tech fingerprinting |
webapp-exploit-hunter | 13 | SQLi, XSS, SSRF, IDOR, SSTI, auth bypass, file upload, race conditions, WAF evasion |
api-breaker | 10 | API discovery, schema building, auth analysis, mass assignment, GraphQL, WebSocket |
exploitation | 17 | SQLi, IDOR, oracle manipulation, JWT forging, XSS harvesting, flash loans, reentrancy |
post-exploitation | 9 | Linux/Windows privesc, AD attacks, lateral movement, persistence, container escape |
cloud-pivot-finder | 7 | Cloud detection, bucket enumeration, takeover scanning, serverless, CI/CD |
edr-evasion-engine | 5 | AMSI bypass, ETW patching, process injection, NTDLL unhooking, API hashing |
stealth-execution-engine | 7 | LOLBAS, script dropper, Discord C2, DNS tunneling, reverse SSH, Sliver ops |
anti-forensics-suite | 3 | Log cleaning, history eraser, artifact cleaner |
phishing-arsenal | 5 | Campaign tracker, landing page generator, domain squatter, email spoofer |
web-implant-factory | 4 | Panel backdoor, credential harvester, shell deployer, phishing cloner |
linux-implant-suite | 3 | Systemd backdoor, SSH pivot, container breakout |
vuln-chain-composer | 6 | Import findings, correlate, build chains, calculate impact, generate chain PoC |
attack-path-architect | 5 | Classify assets, map trust, generate attack trees |
pentest | 4 | Engagement KB, Playwright automation, aggregate reporting |
hackerone | 4 | Scope parsing, parallel pentesting, PoC validation, submission reports |
authenticating | 2 | Signup/login automation, CAPTCHA solving, 2FA bypass |
domain-assessment | - | Subdomain discovery, port scanning, attack surface inventory |
web-application-mapping | - | Web app recon, headless browser automation |
Usage
Arguments pass safely via subprocess array — payloads with shell metacharacters and injection strings flow through without restriction.
RedTeamScript(
skill="webapp-exploit-hunter",
script="sqli_tester",
args='--url http://target.com/api/users?id=1 --payload "\' OR 1=1--"'
)RedTeamScript(
skill="recon-dominator",
script="passive_recon",
args="--domain example.com --output results.json",
outputDir="./outputs/engagement/processed/"
)When to Use
- When KaliTool doesn't have a matching tool for the attack
- When you need Python-native scripting (no Kali dependency)
- When you need payloads with shell metacharacters that pass safely through subprocess arrays
- When you need to chain multiple reconnaissance or exploitation steps