Certified Red Team Operator (CRTO) Cheatsheet and Checklist
☆225Mar 16, 2024Updated 2 years ago
Alternatives and similar repositories for CRTO-Notes
Users that are interested in CRTO-Notes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Certified Red Team Operator☆455Apr 17, 2022Updated 3 years ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆286Oct 8, 2025Updated 6 months ago
- Collection of Notes and CheatSheets used for Red teaming Certs☆498Feb 13, 2023Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆144Mar 9, 2024Updated 2 years ago
- Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.☆171Jul 16, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A collection of Cobalt Strike Aggressor scripts.☆111Jan 3, 2022Updated 4 years ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆327May 17, 2024Updated last year
- Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing☆402Jun 15, 2023Updated 2 years ago
- Used to get NTLMv2 Hashes from SMB☆23Oct 24, 2024Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 9 months ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆845Dec 2, 2023Updated 2 years ago
- ☆159Apr 4, 2025Updated last year
- Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for …☆61Mar 31, 2026Updated 2 weeks ago
- Our repo for crushing through RTO course & labs.☆37Sep 12, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Azure AD cheatsheet for the CARTP course☆151May 5, 2022Updated 3 years ago
- Creating a repository with all public Beacon Object Files (BoFs)☆627Mar 2, 2026Updated last month
- Collection of remote authentication triggers in C#☆526May 15, 2024Updated last year
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,467Mar 17, 2026Updated 3 weeks ago
- Powerview on steroids☆918Updated this week
- Havoc C2 profile generator☆108Mar 4, 2026Updated last month
- A beacon object file implementation of PoolParty Process Injection Technique.☆444Dec 21, 2023Updated 2 years ago
- A tool to help query AD via the LDAP protocol☆618Sep 25, 2024Updated last year
- ☆300Mar 31, 2022Updated 4 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- ☆438Mar 2, 2025Updated last year
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 9 months ago
- The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.☆126Jun 22, 2020Updated 5 years ago
- PEN-300 collection to help you on your exam.☆699Feb 25, 2026Updated last month
- Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs☆551Jun 3, 2025Updated 10 months ago
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.☆1,428Jul 27, 2025Updated 8 months ago
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆344Updated this week
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- SharpUp is a C# port of various PowerUp functionality.☆1,482Feb 14, 2024Updated 2 years ago
- Easy peasy file uploads☆33Aug 29, 2025Updated 7 months ago
- Because AV evasion should be easy.☆862Nov 28, 2024Updated last year
- ☆36May 31, 2023Updated 2 years ago
- Various Cobalt Strike BOFs☆748Oct 16, 2022Updated 3 years ago
- Just another Process Injection using Process Hollowing technique.☆18Sep 18, 2023Updated 2 years ago
- Direct syscalls Injection to bypass AV/EDR☆11May 18, 2024Updated last year