While learning about Red Team Assessments && Adversary Emulation Exercises i found it very very difficult to keep track of all the information, new tricks , useful websites, study videos and researching new tricks.
Purpose of this repository is to help all the beginner and experienced proffesionals to understand,learn and share new tricks for the community.
"We Hack We Secure We Innovate We Share" We are HSIS Red Teamers
- Useful Websites
- Red Team Tips & Tricks
- Adversary Emulation Tips & Tricks
- Softwares & Tools to Use for Red Team & Adversary Emulation
- Useful Documents, Writeups & Cheatsheets
- Video's to Refer
- People to Follow
- Toool For Lockpickers : It is an open organization which can be used by lockpickers to learn and buy lockpicking realted tools.
- Cyber Syndicates : RED TEAM AND HACKING BLOG WITH A TOUCH OF THREAT EMULATION OF REAL WORLD TTPS. WE FOCUS ON INFOSEC AND COVER TOPICS FROM LATEST TOOLSETS!
- Empire Framework : Empire is a pure PowerShell post-exploitation agent, ability to run PowerShell agents without needing powershell.exe. Work ith modules such as mimikatz. Overall very useful in performing Red Team & Post Exploitation
- Red Team Wiki : Very Useful Wiki to help to setup the entire Red Team Operations
- Atomic Red Team: You can spend millions and put amazing security solutions on your network, but how do you know they are effective and working. You cannot wait for actual attack to happen so Atomic Red Team gives you the framework that is open source and provides you with capabilities to test your detection.
- PowerUP : Used for Windows privilege escalation vectors that rely on misconfigurations.
- PowerSploit : PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts.
- CobaltStrike: Cobalt Strike is software for Adversary Simulations and Red Team Operations.
- ADEnumerator: ADEnumerator is a PowerShell module designed to query Active Directory servers from non-domain systems. You harvest domain credentials from a printer, via NBNS spoofing, etc.
- CredNinja : CredNinja is very useful when performing privilege escalation and lateral movement because you can identify systems for which your credentials have elevated privileges, and continue dumping credentials on those systems. - WMIOps : WMIOps is a powershell script that uses WMI to perform a variety of actions on hosts, local or remote, within a Windows environment. It's designed primarily for use on penetration tests or red team engagements.
- EyeWitness: It take screenshots of websites, provide some server header info, and identify default credentials if possible.
- PowerView : PowerView is a PowerShell tool to gain network situational awareness on Windows domains.
- BloodHound : Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths.
- Proxmark3 : Swiss Army Knife for performing RFID / NFC based red team assessments.
- RFIDler : Under development toolkit which is used for RFID and NFC Hacking, however this option is cheaper then Proxmark3.
- Hak5 Hacking Gears : One stop shop for pentesters and redteamers who need to perform real physical and wireless hacking into the organizations. They contain the tools which can be used during USB Drop, Wireless Attacks, Maintaining Access and packet injections.
- CheatSheets : Cheat sheets for various projects (PowerView, PowerUp, Empire, and PowerSploit). Also a sheet for a commercial toolset (Beacon/Cobalt Strike).