
Red Team Tools and Techniques

I don't know how common this is, but if you have a data structure, header, or unique error message when probing a closed-source service, sometimes you can find Stack Overflow threads describing what you're looking at just by searching for the format or message.


One tip that I love is that if you are able to compromise (or spoof) the IP of the vulnerability scanner, you will likely bypass all detections. If an analyst does see your scanning, they'll see it's coming from the vulnerability scanner and instantly close it as a false positive. 🙂

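The tip above works because the suppression rule on the blue-team side usually keys on nothing but the source IP. As an added example that is not part of the original post or any of the tools it mentions, the block below runs a naive "ignore the scanner IP" rule and a tighter rule over a few constructed scan-detection log lines. The scanner IP, its MAC address, the scan window and the log format are all assumptions made up for the example; the point is that the tighter rule only suppresses when the source IP, a second identity signal (here the link-layer address the switch or DHCP server recorded for the real scanner) and the authorised schedule all agree.

```python
"""Added example (not from the original thread): why 'ignore anything from the
scanner IP' is a weak suppression rule, and a tighter version of the same rule.

All hosts, IPs, MACs, times and log lines below are constructed for the example.
"""
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address

# Hypothetical environment facts (assumptions, not taken from the page).
SCANNER_IP = ip_address("10.0.5.20")
SCANNER_MAC = "00:50:56:aa:bb:cc"          # what the switch/DHCP server records for the real scanner
SCAN_WINDOW = (time(2, 0), time(4, 0))    # authorised scan window, 02:00-04:00 local


@dataclass(frozen=True)
class PortScanEvent:
    ts: datetime
    src_ip: str
    src_mac: str
    dst_ip: str
    ports_hit: int


def naive_is_noise(ev: PortScanEvent) -> bool:
    """The rule the post exploits: anything from the scanner IP is dropped."""
    return ip_address(ev.src_ip) == SCANNER_IP


def tighter_is_noise(ev: PortScanEvent) -> bool:
    """Suppress only if source IP, link-layer identity and schedule all agree.

    A spoofed IP from a different host fails the MAC check; a compromised or
    spoofed scanner used outside the window fails the schedule check.
    """
    if ip_address(ev.src_ip) != SCANNER_IP:
        return False
    start, end = SCAN_WINDOW
    in_window = start <= ev.ts.time() <= end
    mac_ok = ev.src_mac.lower() == SCANNER_MAC
    return in_window and mac_ok


def triage(events, rule):
    """Return the events the given rule would escalate (i.e. not suppress)."""
    return [ev for ev in events if not rule(ev)]


def parse_line(line: str) -> PortScanEvent:
    # Constructed pipe-delimited format: ts|src_ip|src_mac|dst_ip|ports_hit
    ts, src_ip, src_mac, dst_ip, ports = line.strip().split("|")
    return PortScanEvent(datetime.fromisoformat(ts), src_ip, src_mac, dst_ip, int(ports))


# Constructed sample log: a real scheduled scan, a scan spoofing the scanner IP
# from another host in the afternoon, and an unrelated scan from a third host.
SAMPLE_LOG = """\
2024-03-10T02:15:00|10.0.5.20|00:50:56:aa:bb:cc|10.0.7.14|1200
2024-03-10T14:02:00|10.0.5.20|00:0c:29:de:ad:01|10.0.7.22|1500
2024-03-10T14:05:00|10.0.9.77|00:0c:29:de:ad:01|10.0.7.23|900
"""

EVENTS = [parse_line(line) for line in SAMPLE_LOG.splitlines()]

if __name__ == "__main__":
    print("naive rule escalates:  ", [e.src_ip for e in triage(EVENTS, naive_is_noise)])
    print("tighter rule escalates:", [e.src_ip for e in triage(EVENTS, tighter_is_noise)])
```

The naive rule lets the spoofed afternoon scan through untouched; the tighter rule escalates it. The MAC check only helps when the spoofed traffic is on the same segment as the sensor, and none of this helps if the attacker has actually compromised the scanner host and scans during its window, which is exactly the "compromise" case the post describes.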

I think the best tools are:

https://getgophish.com/ for the phishing phase
A C2.
A good C2 loader.
https://github.com/BloodHoundAD/BloodHound and https://github.com/BloodHoundAD/SharpHound for Active Directory mapping (only if necessary)
https://github.com/SecureAuthCorp/impacket for lateral movement
https://github.com/outflanknl/Dumpert for the LSASS dumps, or https://github.com/codewhitesec/HandleKatz

And PetitPotam, and other tools like that, for relay.

