This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
☆397Feb 28, 2026Updated last week
Alternatives and similar repositories for Red-Team-Playbooks
Users that are interested in Red-Team-Playbooks are comparing it to the libraries listed below
Sorting:
- From Zero To Hero☆35Jul 17, 2025Updated 7 months ago
- A summary of the most abbreviations I encountered so far☆28Jan 18, 2026Updated last month
- A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.☆3,183Feb 23, 2026Updated 2 weeks ago
- Field guide to gather low-hanging fruits☆14Mar 20, 2025Updated 11 months ago
- A collection of commands, tools, techniques and procedures of the purplestorm ctf team.☆14Mar 20, 2025Updated 11 months ago
- OSCP Cheat Sheet☆3,649Updated this week
- purplestorm writeup collection☆29Updated this week
- Collection of OPSEC Tradecraft and TTPs for Red Team Operations☆321Feb 1, 2026Updated last month
- HookChain: A new perspective for Bypassing EDR Solutions☆592Jan 5, 2025Updated last year
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆282Oct 8, 2025Updated 5 months ago
- Create and enumerate hidden desktops.☆91Dec 12, 2023Updated 2 years ago
- Active Directory Auditing and Enumeration☆521Dec 3, 2025Updated 3 months ago
- Windows Local Privilege Escalation Cookbook☆1,281Feb 5, 2026Updated last month
- Tools and Techniques for Red Team / Penetration Testing☆8,548Mar 18, 2025Updated 11 months ago
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆61May 3, 2024Updated last year
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆37Nov 16, 2023Updated 2 years ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆672Oct 23, 2025Updated 4 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆592Jun 12, 2024Updated last year
- An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.☆4,325Feb 15, 2026Updated 3 weeks ago
- ☆90Aug 5, 2023Updated 2 years ago
- ☆892Sep 5, 2023Updated 2 years ago
- Tools & Interesting Things for RedTeam Ops☆2,258Feb 10, 2026Updated 3 weeks ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,317Nov 12, 2025Updated 3 months ago
- Ansible roles to deploy RedELK☆23Feb 15, 2023Updated 3 years ago
- ☆143Jun 21, 2023Updated 2 years ago
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…☆374Apr 6, 2024Updated last year
- Work in progress...☆408Feb 24, 2026Updated 2 weeks ago
- ☆682Feb 28, 2026Updated last week
- ↕️🤫 Stealth redirector for your red team operation security☆1,067Mar 1, 2026Updated last week
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that are useful for internal penetration tests and a…☆302Jan 1, 2026Updated 2 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆505Dec 19, 2023Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compil…☆1,146Jul 19, 2024Updated last year
- Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing☆398Jun 15, 2023Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1)☆383Sep 22, 2023Updated 2 years ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆207Aug 12, 2024Updated last year
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated 11 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,823Nov 3, 2024Updated last year