Mythic is a powerful, open-source post-exploitation framework that offers red teamers and pen testers an extensible and customizable platform with numerous modules, agents, and C2 profiles to enhance their engagements and achieve objectives in various target environments.
SharpSocks is a powerful .NET-based proxy tool for red teaming and network penetration testing that enables encrypted communications, protocol obfuscation, and access to internal resources, providing professional hackers with stealth and persistence in their engagements.
This article provides a comprehensive guide to using Covenant, a powerful command and control framework for red teaming and post-exploitation operations, covering its architecture, installation, setup, usage, real-world examples, and custom task development for a technical audience.
This article explores Nishang, a collection of PowerShell scripts designed for penetration testing and red teaming, covering its various modules, usage examples, and real-world applications, ultimately demonstrating the tool’s value and versatility for cybersecurity professionals.
This article explores what PsExec is, how it works, and how it can be used by red teamers or pen testers to achieve remote code execution on a target system, with examples and prerequisites.
Detailed guide for advanced red teams on using sc.exe for remote execution on Windows, including payload creation, encoding, and service initiation.
Explore how Red Team members use DSQuery to gather info on Active Directory environments, including specific examples and considerations.
Dive into advanced use cases for powerful Windows command-line tools like PowerShell, Netsh, and more, targeted at Red Team members.
This article explores how to use xfreerdp and Pass-the-Hash technique to connect to an RDP server and provides real-world examples and limitations of the technique.
This article explains how to tunnel traffic through a network using iptables port bends, SSH tunnels, and netsh port proxies.