Red Team

Firewall Bypass Techniques: Tools and Best Practices

3473 words · 17 mins
This technical article provides a detailed overview of various techniques and tools that can be used to bypass firewalls, including examples and best practices for red teamers and pen testers.

Red Teaming: Physical Security Bypass Techniques

2463 words · 12 mins
Explore advanced physical security bypass techniques, including lock picking, key duplication, RFID exploitation, access control system bypass, and social engineering, for red teaming and pen testing.

Industrial Control System (ICS) Security: Best Practices and Common Vulnerabilities

7785 words · 37 mins
This article provides an in-depth analysis of the vulnerabilities and best practices for securing Industrial Control Systems (ICS) against cyber-attacks for an advanced audience of experienced security professionals, including sections on lack of network segmentation, weak authentication, outdated software and firmware, lack of monitoring and logging, vulnerable remote access, and SCADA hacking tools.

Advanced Red Team Exercises: Supply Chain Attacks

2991 words · 15 mins
This article provides an in-depth discussion of advanced red team exercises specifically focused on supply chain attacks, including reconnaissance, weaponization, delivery, exploitation, and post-exploitation phases, with technical details and real-world examples.

SharpSocks: A .NET-Based Proxy for Red Teaming and Network Penetration Testing

1022 words · 5 mins
SharpSocks is a powerful .NET-based proxy tool for red teaming and network penetration testing that enables encrypted communications, protocol obfuscation, and access to internal resources, providing professional hackers with stealth and persistence in their engagements.

Red Team Exercises: Simulating Real-World Attacks

4325 words · 21 mins
This article explores the world of red team exercises, discussing various types of exercises, tools and techniques used, real-world examples, and the five phases of a typical red team exercise.

Effective Techniques for Physical Security Testing

3650 words · 18 mins
This article explores techniques and best practices for physical security testing, including social engineering, physical bypass, lock picking, surveillance, and physical access control.

Phishing: Detection and Defeat

991 words · 5 mins
A comprehensive guide to advanced phishing evasion techniques for Red Team engagements. Learn infrastructure masking, cloaking, HTML smuggling, and how to bypass automated analysis and Secure Email Gateways.

Memory Corruption 101: Mastering the Buffer Overflow

724 words · 4 mins
A comprehensive deep-dive into buffer overflow vulnerabilities. Learn the mechanics of stack frames, master the art of Return-Oriented Programming (ROP), discover how to bypass modern memory protections like ASLR/DEP, and write your first stack-based exploit.

The Adversary Mindset: A Comprehensive Guide to Red Team Operations

751 words · 4 mins
A deep-dive into the core concepts, frameworks, and operational strategies of modern red teaming. Learn the critical difference between pen testing and adversary emulation, master the Unified Kill Chain, build resilient C2 infrastructure (redirectors, domain fronting), and understand the art of Purple Teaming.

The All-Seeing Eye: Advanced Network Scanning and Enumeration

2705 words · 13 mins
A comprehensive deep-dive into network scanning and enumeration for red teamers. Master the intricacies of Nmap, explore the power of the Nmap Scripting Engine (NSE), learn advanced evasion techniques, and discover modern high-speed alternatives like RustScan and Masscan.

The Database Infiltrator: Mastering Advanced SQL Injection

5262 words · 25 mins
A masterclass in advanced SQL injection techniques for red team operators. Move beyond simple authentication bypass to manual UNION-based exfiltration, Error-Based and Blind SQLi, WAF evasion, Out-of-Band (OOB) data theft using DNS and HTTP, Second-Order injection, and leveraging advanced Sqlmap features for real-world engagements.

The Ethical Path: A Comprehensive Introduction to Penetration Testing

796 words · 4 mins
A comprehensive deep-dive into the world of penetration testing and ethical hacking. Learn the Penetration Testing Execution Standard (PTES), the critical differences between VA and PT, the art of professional reporting, and how to navigate the legal minefield of offensive security.

The Darwinian Transition: A Linux Red Team Operator's Guide to macOS

1026 words · 5 mins
A deep-dive guide for red team operators transitioning from Linux to macOS. Learn the critical differences in Unix underpinnings, master macOS-specific security boundaries like TCC and SIP, discover “Living off the Land” techniques using JXA and AppleScript, and understand how to persist using LaunchDaemons.

Data exfiltration - Migrating MySQL to PostgreSQL with Docker and pgloader

853 words · 5 mins
A specialized guide for Red Team operators on exfiltrating and migrating data from a target MySQL database to a local PostgreSQL instance. Learn how to use Docker for rapid infrastructure deployment, pgloader for automated schema conversion, and handle both live network migrations and offline dump analysis.

Disable Shell History Safely - Advanced OPSEC for Linux Operations

1536 words · 8 mins
Master the art of flight without leaving a footprint. A comprehensive guide to disabling shell history, managing operational hygiene, and understanding the forensic limit of these techniques across Bash, Zsh, Fish, and PowerShell on Linux.

Port Scanning on Linux and Windows - The Ultimate Guide

1232 words · 6 mins
A comprehensive guide to mastering port scanning on both Linux and Windows, covering standard tools like Nmap, stealthy built-in techniques, and modern PowerShell-based enumeration.