Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/sneakerhax/TTPs
Red Team Tactics, Techniques, and Procedures
https://github.com/sneakerhax/TTPs
bash linux pentesting powershell python python3 redteam security windows
Last synced: about 2 months ago
JSON representation
Red Team Tactics, Techniques, and Procedures
- Host: GitHub
- URL: https://github.com/sneakerhax/TTPs
- Owner: sneakerhax
- License: gpl-3.0
- Created: 2016-09-18T23:25:38.000Z (over 8 years ago)
- Default Branch: main
- Last Pushed: 2024-06-24T22:21:47.000Z (6 months ago)
- Last Synced: 2024-08-04T07:01:09.327Z (5 months ago)
- Topics: bash, linux, pentesting, powershell, python, python3, redteam, security, windows
- Language: Dockerfile
- Homepage:
- Size: 1.37 MB
- Stars: 392
- Watchers: 26
- Forks: 91
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# TTPs
Tactics, Techniques, and Procedures (aka. my notes)
[![License](https://img.shields.io/badge/license-GPL3-lightgrey.svg)](https://www.gnu.org/licenses/gpl-3.0.en.html) [![Twitter](https://img.shields.io/badge/twitter-sneakerhax-38A1F3?logo=twitter)](https://twitter.com/sneakerhax)
## Red Team Resources
Resources to define, understand the execution, and goals of Red Teaming. These resources have an emphasis on Enterprise Red Teaming in the cloud
## Definition
* [Red Team](https://en.wikipedia.org/wiki/Red_team) - Wikipedia
* [Hacking Google | Red Team](https://www.youtube.com/watch?v=TusQWn2TQxQ) - Google
* [Red teaming 101: What is red teaming?](https://www.ibm.com/blog/red-teaming-101-what-is-red-teaming/) - Evan Anderson (IBM)## TTP
* [Mitre Att&ck](https://attack.mitre.org) - Mitre
* [NIST Glossary - Tactics, Techniques, and Procuedures](https://csrc.nist.gov/glossary/term/tactics_techniques_and_procedures) - NIST
* [NIST Glossary - Tactic, Technique, and Procedure](https://csrc.nist.gov/glossary/term/tactic_technique_procedure) - NIST
* [What’s in a name? TTPs in Info Sec](https://posts.specterops.io/whats-in-a-name-ttps-in-info-sec-14f24480ddcc) - Robby Winchester
* [Red Team Guide - RED TEAM TRADECRAFT AND TTP GUIDANCE](https://redteam.guide/docs/Planning/red-team-tradecraft/) - Joe Vest and James Tubberville## Execution
* [Red Teaming: Using Cutting-Edge Threat Simulation to Harden the Microsoft Enterprise Cloud](https://azure.microsoft.com/en-us/blog/red-teaming-using-cutting-edge-threat-simulation-to-harden-the-microsoft-enterprise-cloud/) - Scott Field
* [GitLab - Red Team](https://about.gitlab.com/handbook/engineering/security/threat-management/red-team/) - Chris Moberly (Gitlab)
* [Red Team Operations with Cobalt Strike (2019)](https://www.youtube.com/watch?v=q7VQeK533zI&list=PL9HO6M_MU2nfQ4kHSCzAQMqxQxH47d1no) - Raphael Mudge
* [Cobalt Strike Blog](https://www.cobaltstrike.com/blog/) - Raphael Mudge
* [Dirty Red Team Tricks](https://www.youtube.com/watch?v=oclbbqvawQg) - Raphael Mudge and Rob Fuller
* [Dirty Red Team Tricks 2.0](https://www.youtube.com/watch?v=6kKoJW5xvhg) - Raphael Mudge
* [Force Multipliers for Red Team Operations](https://www.youtube.com/watch?v=G-JaHWaLmgc) - Raphael Mudge
* [Flying a Cylon Raider](https://www.youtube.com/watch?v=26PedM_-zRo) - Raphael Mudge
* [In Memory Evasion (2018)](https://www.youtube.com/watch?v=lz2ARbZ_5tE&list=PL9HO6M_MU2nc5Q31qd2CwpZ8J4KFMhgnK&ab_channel=RaphaelMudge) - Raphael Mudge
* [Red Teaming Back and Forth 5ever](https://www.youtube.com/watch?v=FTiBwFJQg64) - Fuzzynop
* [Bridging the gap - Lesson in adversarial tradecraft](https://www.youtube.com/watch?v=xHkRhRo3l8o) - harmj0y & enigma0x3
* [Tradecraft Security Weekly](https://www.youtube.com/playlist?list=PLlPkFwQHxYE7Yi5jtcSyCCr8pXxP1OEkZ) - Security Weekly
* [Red Team Infrastructure Wiki](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki) - bluescreenofjeff
* [Red Teaming Experiments](https://www.ired.team/) - spottheplanet## Breaches & Incidents
* [Cost of a Data Breach Report](https://www.ibm.com/security/data-breach) - IBM
* [Data Breach Investigation Report](https://www.verizon.com/business/resources/reports/dbir/) - Verizon
* [What is the cost of a data breach?](https://www.csoonline.com/article/3434601/what-is-the-cost-of-a-data-breach.html) - Michael Hill (CSO online)
* [89 Must-Know Data Breach Statistics 2022](https://www.varonis.com/blog/data-breach-statistics) - Rob Sobers (Varonis)
* [Annual Data Breaches US 2005 - Current](https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/) - Statista Research Department
* [CYBERSECURITY INCIDENT TRACKER](https://www.board-cybersecurity.com/incidents/tracker/) - Board CyberSecurity
* [SEC FORM 8-K](https://www.sec.gov/answers/form8k.htm) - U.S. Securities and Exchange Commission
* [Significant Cyber Incidents](https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents) - CSIS
* [Awesome Annual Security Reports](https://github.com/jacobdjwilson/awesome-annual-security-reports) - Jacob Wilson
## Books
* [Red Team Development and Operations: A practical guide](https://www.amazon.com/Red-Team-Development-Operations-practical/dp/B083XVG633) - Joe Vest and James Tubberville
* [Red Team: How to Succeed by Thinking Like the Enemy](https://www.amazon.com/Red-Team-Succeed-Thinking-Enemy/dp/0465048943) - Micah Zenko
* [Red Teaming - How Your Business Can Conquer the Competition by Challenging Everything](https://www.amazon.com/Red-Teaming/dp/1524759988) - Bryce G. Hoffman