Red Team Tactics, Techniques, and Procedures
☆421Feb 4, 2026Updated last month
Alternatives and similar repositories for TTPs
Users that are interested in TTPs are comparing it to the libraries listed below
Sorting:
- PowerShell oneliner to retrieve wdigest passwords from the memory☆220Dec 11, 2017Updated 8 years ago
- A PoC Java Stager which can download, compile, and execute a Java file in memory.☆108Aug 6, 2018Updated 7 years ago
- Tricks for penetration testing☆582Feb 11, 2026Updated 3 weeks ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆399May 20, 2020Updated 5 years ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,615Dec 10, 2018Updated 7 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- Wiki to collect Red Team infrastructure hardening resources☆4,450Oct 1, 2025Updated 5 months ago
- Windows / Linux Local Privilege Escalation Workshop☆1,003Jan 15, 2019Updated 7 years ago
- Active Directory Assessment and Privilege Escalation Script☆1,132Dec 7, 2022Updated 3 years ago
- A fully functional DanderSpritz lab in 2 commands☆447May 16, 2019Updated 6 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- Red Team Tips as posted by @vysecurity on Twitter☆1,069Apr 26, 2020Updated 5 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- A testing framework for mail security and filtering solutions.☆245Jul 24, 2023Updated 2 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- A collection of scripts I've written to help red and blue teams with malware persistence techniques.☆127May 30, 2018Updated 7 years ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,305Aug 19, 2019Updated 6 years ago
- Collection of PowerShell scripts☆450Dec 18, 2017Updated 8 years ago
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…☆2,623Dec 13, 2025Updated 2 months ago
- Provides In-memory compilation and reflective loading of C# apps for AV evasion.☆372Feb 23, 2024Updated 2 years ago
- Run shellcode from resource☆259Dec 13, 2020Updated 5 years ago
- Building an Active Directory domain and hacking it☆665Dec 23, 2019Updated 6 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆109Sep 26, 2017Updated 8 years ago
- A PowerShell example of the Windows zero day priv esc☆328Sep 12, 2018Updated 7 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,313Jan 22, 2025Updated last year
- Parse X509 certificates to get the (sub)domains in it.☆28Jun 14, 2018Updated 7 years ago
- Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments☆401Feb 27, 2024Updated 2 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- Post Exploitation Collection☆1,570May 1, 2020Updated 5 years ago
- An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector☆1,019Sep 11, 2017Updated 8 years ago
- Search for potential frontable domains☆644Mar 22, 2023Updated 2 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆319Dec 29, 2017Updated 8 years ago
- UAC bypass, Elevate, Persistence methods☆2,739Feb 13, 2023Updated 3 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- PowerShell Empire Web Interface☆330May 20, 2023Updated 2 years ago
- Use ExpiredDomains.net and BlueCoat to find useful domains for red team.☆183Jun 10, 2022Updated 3 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 7 years ago
- A collection of Red Team focused tools, scripts, and notes☆1,145Nov 19, 2024Updated last year
- Robber is open source tool for finding executables prone to DLL hijacking☆786Jun 23, 2022Updated 3 years ago