Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
A framework for testing and exploiting race conditions in software
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Introduction to using GScript for Red Teams
Redboto is a collection of scripts for red team operations against the AWS API.
Local pentest lab using docker compose to spin up victim and attacker services.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Adversary emulation framework for testing security measures in network environments.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
Create a vulnerable active directory for testing various Active Directory attacks.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A technique for social engineering and untrusted command execution using ClickOnce technology
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A guide to bypassing RFID card reader security mechanisms using specialized hardware
Back-end component for red team operations with crucial design considerations.