0xsyr0 / Red-Team-Playbooks
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
☆386 · Feb 2, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for Red-Team-Playbooks
Users who are interested in Red-Team-Playbooks are comparing it to the libraries listed below.
- From Zero To Hero ☆36 · Jul 17, 2025 · Updated 7 months ago
- A summary of most of the abbreviations I encountered so far ☆28 · Jan 18, 2026 · Updated 3 weeks ago
- A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer. ☆3,166 · Feb 3, 2026 · Updated 2 weeks ago
- Field guide to gather low-hanging fruits ☆14 · Mar 20, 2025 · Updated 10 months ago
- A collection of commands, tools, techniques and procedures of the purplestorm ctf team. ☆14 · Mar 20, 2025 · Updated 10 months ago
- OSCP Cheat Sheet ☆3,630 · Jan 29, 2026 · Updated 2 weeks ago
- purplestorm writeup collection ☆29 · Updated this week
- Collection of OPSEC Tradecraft and TTPs for Red Team Operations ☆320 · Feb 1, 2026 · Updated 2 weeks ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security. ☆282 · Oct 8, 2025 · Updated 4 months ago
- Create and enumerate hidden desktops. ☆90 · Dec 12, 2023 · Updated 2 years ago
- HookChain: A new perspective for Bypassing EDR Solutions ☆589 · Jan 5, 2025 · Updated last year
- Active Directory Auditing and Enumeration ☆515 · Dec 3, 2025 · Updated 2 months ago
- Tools and Techniques for Red Team / Penetration Testing ☆8,493 · Mar 18, 2025 · Updated 10 months ago
- Project developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist… ☆61 · May 3, 2024 · Updated last year
- Windows Local Privilege Escalation Cookbook ☆1,266 · Feb 5, 2026 · Updated last week
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc. ☆36 · Nov 16, 2023 · Updated 2 years ago
- An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface. ☆4,273 · Dec 6, 2025 · Updated 2 months ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound ☆670 · Oct 23, 2025 · Updated 3 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆591 · Jun 12, 2024 · Updated last year
- ☆90 · Aug 5, 2023 · Updated 2 years ago
- ☆890 · Sep 5, 2023 · Updated 2 years ago
- Tools & Interesting Things for RedTeam Ops ☆2,250 · Feb 10, 2026 · Updated last week
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte… ☆1,307 · Nov 12, 2025 · Updated 3 months ago
- Ansible roles to deploy RedELK ☆23 · Feb 15, 2023 · Updated 3 years ago
- ☆650 · Feb 6, 2026 · Updated last week
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer… ☆373 · Apr 6, 2024 · Updated last year
- Work in progress... ☆404 · Nov 6, 2025 · Updated 3 months ago
- Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that are useful for internal penetration tests and a… ☆300 · Jan 1, 2026 · Updated last month
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) ☆698 · May 7, 2025 · Updated 9 months ago
- ↕️🤫 Stealth redirector for your red team operation security ☆1,064 · Jul 6, 2025 · Updated 7 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities ☆502 · Dec 19, 2023 · Updated 2 years ago
- A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compil… ☆1,136 · Jul 19, 2024 · Updated last year
- Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing ☆395 · Jun 15, 2023 · Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1) ☆380 · Sep 22, 2023 · Updated 2 years ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required. ☆206 · Aug 12, 2024 · Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement ☆181 · May 19, 2025 · Updated 8 months ago
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime ☆202 · Mar 26, 2025 · Updated 10 months ago
- A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the … ☆1,813 · Nov 3, 2024 · Updated last year
- ☆222 · Mar 10, 2024 · Updated last year