High-risk tools in Redteam
18 of the 20 tools in Redteam are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
amass_enumExecutePerform in-depth DNS enumeration and attack surface mapping with Amass.
-
arjun_paramsExecuteDiscover hidden HTTP GET/POST parameters on a web endpoint.
-
commix_scanExecuteDetect and exploit OS command injection vulnerabilities.
-
curl_requestExecutecurl_request
-
dnsrecon_enumExecutePerform DNS reconnaissance on a target domain.
-
ffuf_fuzzExecuteffuf_fuzz
-
gobuster_dirExecutegobuster_dir
-
httpx_probeExecutehttpx_probe
-
hydra_bruteExecutehydra_brute
-
msf_auxiliaryExecuteRun a Metasploit Framework auxiliary module non-interactively.
-
nikto_scanExecuteScan a web server for known vulnerabilities using Nikto.
-
nmap_scanExecuteRun an Nmap scan against a target.
-
nuclei_scanExecuteRun Nuclei template-based vulnerability scanner against a target.
-
sqlmap_scanExecutesqlmap_scan
-
sslscan_auditExecuteAudit SSL/TLS configuration of a target for weak ciphers, protocols, and certificates.
-
subfinder_enumExecuteEnumerate subdomains of a target domain using Subfinder.
-
whatweb_scanExecuteIdentify technologies used by a web application.
-
wpscan_scanExecuteScan a WordPress site for vulnerabilities, plugins, themes, and users.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.