Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-windows-red-team
A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
https://github.com/marcosvalle/awesome-windows-red-team
- Windows Internals, Seventh Edition, Part 1
- Windows Internals, Sixth Edition, Part 1
- Windows Internals, Sixth Edition, Part 2
- How to Hack Like a PORNSTAR: A step by step process for breaking into a BANK
- Windows® via C/C++ (Developer Reference) (English Edition)
- The Hacker Playbook 3: Practical Guide To Penetration Testing
- Professor Messer's CompTIA SY0-501 Security+ Course
- Penetration Testing with Kali (PWK) Online Security Training Course
- Offensive Security Certified Expert
- Advanced Windows Exploitation: Live Hands-on Penetration Testing Training
- Windows API Exploitation Recipes: Processes, Tokens and Memory RW
- Powershell for Pentesters - Pentester Academy
- WMI Attacks and Defense - Pentester Academy
- Windows Red Team Lab - Pentester Academy
- ADsecurity.org
- DerbyCon4 - How to Secure and Sys Admin Windows like a Boss
- DEFCON 20: Owned in 60 Seconds: From Network Guest to Windows Domain Admin
- BH2015 - Red Vs. Blue: Modern Active Directory Attacks, Detection, And Protection
- BH2016 - Beyond the Mcse: Active Directory for the Security Professional
- BH2017 - Evading Microsoft ATA for Active Directory Domination
- DEFCON 26 - Exploiting Active Directory Administrator Insecurities
- BH2017 - An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
- DerbyCon7 - Building the DeathStar getting Domain Admin with a push of a button (aka how I almost automated myself out pf a job)
- DerbyCon4 - Abusing Active Directory in Post Exploitation
- Kerberos (I): How does Kerberos work? – Theory
- Protecting Privileged Domain Accounts: Network Authentication In-Depth
- Basic attacks on communication protocols – replay and reflection attacks
- MicroNugget: How Does Kerberos Work?
- MIT 6.858 Fall 2014 Lecture 13: Kerberos
- DerbyCon4 - Et tu Kerberos
- DerbyCon7 - Return From The Underworld The Future Of Red Team Kerberos
- BH2014 - Abusing Microsoft Kerberos: Sorry You Guys Don't Get It
- DerbyCon4 - Attacking Microsoft Kerberos Kicking the Guard Dog of Hades
- Kerberos in the Crosshairs: Golden Tickets, Silver Tickets, MITM, and More
- How Attackers Use Kerberos Silver Tickets to Exploit Systems
- Retrieving NTLM Hashes without touching LSASS: the “Internal Monologue” Attack
- ATT&CK - Credential Dumping
- BH2002 - Cracking NTLMv2 Authentication
- DerbyCon7 - Securing Windows with Group Policy
- Abusing GPO Permissions
- Targeted Kerberoasting
- DerbyCon4 - Getting Windows to Play with Itself: A Pen Testers Guide to Windows API Abuse
- ATT&CK - Pass the Hash
- BH2013 - Pass the Hash and other credential theft and reuse: Preventing Lateral Movement...
- BH2013 - Pass the Hash 2: The Admin's Revenge
- From Pass-the-Hash to Pass-the-Ticket with No Pain
- Pass-the-Hash Is Dead: Long Live LocalAccountTokenFilterPolicy
- ATT&CK - Pass the Ticket
- An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit
- Level Up! Practical Windows Privilege Escalation - Andrew Smith
- Windows Privilege Escalation Presentation
- Windows Kernel Exploits
- DEF CON 22 - Kallenberg and Kovah - Extreme Privilege Escalation On Windows 8/UEFI Systems
- DEF CON 25 - Morten Schenk - Taking Windows 10 Kernel Exploitation to the next level
- DerbyCon7 - Not a Security Boundary Bypassing User Account Control
- Rotten Potato
- DerbyCon3 - Antivirus Evasion Lessons Learned
- DerbyCon7 - T110 Modern Evasion Techniques
- DerbyCon7 - Evading Autoruns
- Red Team Techniques for Evading, Bypassing & Disabling MS
- How to Bypass Anti-Virus to Run Mimikatz
- AV Evasion - Obfuscating Mimikatz
- Getting PowerShell Empire Past Windows Defender
- Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’
- Local Administrator Password Solution
- Malicious use of Microsoft LAPS
- What Is AppLocker?
- How to Evade Application Whitelisting Using REGSVR32
- UltimateAppLockerByPassList
- Abusing Windows Management Instrumentation (WMI)
- DEF CON 23 - Panel - WhyMI so Sexy: WMI Attacks - Real Time Defense and Advanced Forensics
- DerbyCon3 - Living Off The Land A Minimalist's Guide To Windows Post Exploitation
- DEF CON 18 - David Kennedy "ReL1K" & Josh Kelley - Powershell...omfg
- DEF CON 22 - Investigating PowerShell Attacks
- DerbyCon2016 - 106 PowerShell Secrets and Tactics Ben0xA
- Daniel Bohannon – Invoke-Obfuscation: PowerShell obFUsk8tion
- BH2017 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
- Phishing with Maldocs
- Phishing with Empire
- Phishing with Macros and Powershell
- About Dynamic Data Exchange
- Abusing Microsoft Office DDE
- Microsoft Office Dynamic Data Exchange(DDE) attacks
- Office-DDE-Payloads
- Hacking around HTA files
- Mimikatz
- BloodHound
- Empire
- Nishang
- Responder
- CrackMapExec
- PSExec
- Cobalt Strike
- Red Team Automation - RTA
- CALDERA
- Atomic Red Team
- Metta
- Awesome Red Teaming
- Red Teaming Toolkit
- Red Team Infrastructure Wiki
- Awesome Pentest
- Red Teaming Experiments
Programming Languages
Keywords
red-team
4
redteam
3
pentesting
3
hacking
3
infosec
3
python
2
mitre
2
mitre-attack
2
empire
2
cobalt-strike
2
security
2
powershell
2
adversary-emulation
1
windows
1
networks
1
active-directory
1
penetration-testing
1
nishang
1
activedirectory
1
rules
1
purpleteam
1
bypass
1
blueteam
1
awl
1
redirector
1
infrastructure
1
uac
1
redteaming
1
phishing
1
yaml
1
virtualbox
1
vagrant
1
uber
1
simulation
1
redis
1
networking
1
network
1
celery
1
adversarial
1
security-testing
1
security-automation
1
mitre-corporation
1
cybersecurity
1
caldera
1
applocker
1