Develop-Python
diff --git a/‎.DS_Store
-6 KB b/‎.DS_Store
-6 KB
diff --git a/‎.github/README.md
Lines changed: 247 additions & 0 deletions b/‎.github/README.md
Lines changed: 247 additions & 0 deletions
diff --git a/‎redteam_logo.png renamed to ‎.github/images/redteam_logo.png b/‎redteam_logo.png renamed to ‎.github/images/redteam_logo.png
diff --git a/‎.gitignore
Lines changed: 2 additions & 0 deletions b/‎.gitignore
Lines changed: 2 additions & 0 deletions
diff --git a/‎01-CobaltStrike/AggressorScripts/README.md
Lines changed: 10 additions & 9 deletions b/‎01-CobaltStrike/AggressorScripts/README.md
Lines changed: 10 additions & 9 deletions
@@ -0,0 +1,247 @@
+<p align="center">
+  <img width="500" height="500" src="./images/redteam_logo.png">
+</p>
+
+## OSINT
+
+### Passive Discovery
+
+- Amass - https://github.com/OWASP/Amass (Attack Surface Mapping)
+- Metabigor - https://github.com/j3ssie/metabigor (Non-API OSINT)
+- AsINT_Collection - https://start.me/p/b5Aow7/asint_collection (Massive OSINT Collection)
+- Email --> Phone# - https://github.com/iansangaji/email2phonenumber
+- MFASweep - https://github.com/dafthack/MFASweep (MFA Check for Microsoft endpoints)
+
+### Active Discovery
+
+- ZGrab - https://github.com/zmap/zgrab (Banner grabber)
+- Hardenize - https://www.hardenize.com/ (Domain Lookup)
+
+### Target User Population Collection
+
+- Linkedin UserEnum - https://github.com/bigb0sss/LinkedinMama
+- US Staff UserEnum - https://github.com/bigb0sss/USStaffMama
+- NameSpi - https://github.com/waffl3ss/NameSpi
+
+### Public Site Lookup (Github, Gitlab, etc.)
+
+- Gitrob - https://github.com/michenriksen/gitrob/ (Github Search)
+- truffleHog - https://github.com/dxa4481/truffleHog (Github Regex Search)
+
+### Cloud Recon
+
+- Cloud_Security_Wiki - https://cloudsecwiki.com/azure_cloud.html (Awesome cloud resources)
+- cloud_enum - https://github.com/initstring/cloud_enum
+- MicroBurst - https://github.com/NetSPI/MicroBurst (AZURE)
+- pacu - https://github.com/RhinoSecurityLabs/pacu (AWS)
+- FestIn - https://github.com/cr0hn/festin (AWS)
+- s3viewer - https://github.com/SharonBrizinov/s3viewer (AWS)
+- Cloud_Pentest_Cheatsheet - https://github.com/dafthack/CloudPentestCheatsheets
+- endgame - https://github.com/salesforce/endgame (AWS)
+
+### Microsoft (ADFS)
+
+- ADFSpoof - https://github.com/fireeye/ADFSpoof (Forge ADFS security tokens)
+
+### Web App
+
+- Wordpress-Exploit-Framework - https://github.com/rastating/wordpress-exploit-framework
+- Awesome-Web-Security - https://github.com/qazbnm456/awesome-web-security
+- Java Deserialization - https://github.com/frohoff/ysoserial
+- PHP Deserialization - https://github.com/ambionics/phpggc
+- Kubernetes - https://github.com/loodse/kubectl-hacking
+- SSRF - https://github.com/jdonsec/AllThingsSSRF
+- Skf-labs - https://owasp-skf.gitbook.io/asvs-write-ups/ (Great Write-ups)
+  <br />
+
+## Phishing
+
+### Phishing Techniques - https://blog.sublimesecurity.com/
+
+#### Microsfot 365 Device Code Phishing
+
+- devicePhish - https://github.com/bigb0sss/Microsoft365_devicePhish
+- TokenTactics - https://github.com/rvrsh3ll/TokenTactics
+  <br />
+
+## Password Spray
+
+### Tools
+
+- MSOLSpray - https://github.com/dafthack/MSOLSpray
+- o365enum.py - https://github.com/gremwell/o365enum (Microsoft ActiveSync)
+- goPassGen - https://github.com/bigb0sss/goPassGen (PasswordSpray List Generator)
+- go365 - https://github.com/optiv/Go365 (Microsoft SOAP API endpoint on login.microsoftonline.com)
+- Okta - https://github.com/Rhynorater/Okta-Password-Sprayer
+- o365Spray - https://github.com/0xZDH/o365spray
+
+### IP Rotators
+
+- Burp IPRotate - https://github.com/PortSwigger/ip-rotate (Utilizes AWS IP Gateway)
+- ProxyCannon-NG - https://github.com/proxycannon/proxycannon-ng
+- Cloud-proxy - https://github.com/tomsteele/cloud-proxy
+- Proxy-NG - https://github.com/jamesbcook/proxy-ng
+- Mubeng - https://github.com/kitabisa/mubeng#proxy-ip-rotator
+
+### Default Password Check
+
+- CIRT - https://cirt.net/passwords
+- DefaultCreds-cheat-sheet - https://github.com/ihebski/DefaultCreds-cheat-sheet
+
+## C2 Infrastructure
+
+### Cobal Strike
+
+- Beacon Command Cheatsheet - [CS Commands](https://github.com/bigb0sss/RedTeam/tree/master/CobaltStrike)
+- Cobalt Strike Training Review
+
+  - [Part 1](https://medium.com/@bigb0ss/red-team-review-of-red-team-operations-with-cobalt-strike-2019-training-course-part-1-962c510565aa)
+
+- SharpeningCobaltStrike - https://github.com/cube0x0/SharpeningCobaltStrike
+
+#### Malleable C2
+
+- Malleable C2 (Guideline) - [CS4.0_guideline.profile](https://github.com/bigb0sss/RedTeam/blob/master/CobaltStrike/malleable_C2_profile/CS4.0_guideline.profile)
+- Malleable C2 Randomizer - https://fortynorthsecurity.com/blog/introducing-c2concealer/
+- SourcePoint - https://github.com/Tylous/SourcePoint
+
+### Redirectors
+
+- Domain Fronting - https://www.bamsoftware.com/papers/fronting/
+
+### Proxy Infrastructure Setup
+
+- Cloud-proxy - https://github.com/tomsteele/cloud-proxy
+- Proxy-ng - https://github.com/jamesbcook/proxy-ng
+- ProxyCannon - https://github.com/proxycannon/proxycannon-ng
+
+## Post-Exploitation
+
+### Windows Active Directory Recon/Survey
+
+- Seatbelt - https://github.com/GhostPack/Seatbelt (Ghostpack)
+- DNS Enum - https://github.com/dirkjanm/adidnsdump
+
+### Windows Active Directory Attacks
+
+- Attacking & Securing Active Directory - https://rmusser.net/docs/Active_Directory.html (Awesome references)
+
+### Internal Phishing
+
+- pickl3 - https://github.com/hlldz/pickl3
+- CredPhisher - https://github.com/matterpreter/OffensiveCSharp/tree/master/CredPhisher
+
+### Credential Theft
+
+- SharpChromium - https://github.com/djhohnstein/SharpChromium (Browser)
+- Mimikatz Command References - https://adsecurity.org/?page_id=1821
+
+### Lateral Movement
+
+- SpectorOps - https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f
+- Pypykatz - https://github.com/skelsec/pypykatz (Python implementation of Mimikatz)
+- Internal-Monologue - https://github.com/eladshamir/Internal-Monologue
+- MSSQL - https://research.nccgroup.com/2021/01/21/mssql-lateral-movement/
+- LiquidSnake - https://github.com/RiccardoAncarani/LiquidSnake (Fileless LM using WMI Event Subscriptions and GadgetToJScript)
+
+### Offensive C#
+
+- OffensiveCSharp - https://github.com/matterpreter/OffensiveCSharp
+- C# Collection - https://github.com/midnightslacker/Sharp/blob/master/README.md
+
+### LiveOffTheLand
+
+- LOLBAS - https://lolbas-project.github.io/
+
+### AV/AMSI Evasion
+
+- xencrypt - https://github.com/the-xentropy/xencrypt (PowerShell)
+- FalconStrike - https://github.com/slaeryan/FALCONSTRIKE
+- AV_Bypass - https://github.com/Techryptic/AV_Bypass
+- DotNetToJScript - https://github.com/tyranid/DotNetToJScript
+- GadgetToJScript - https://github.com/med0x2e/GadgetToJScript | https://github.com/rasta-mouse/GadgetToJScript
+- Shellcodeloader - https://github.com/knownsec/shellcodeloader (ShellcodeLoader of windows can bypass AV)
+
+### EDR Evasion
+
+- SharpBlock - https://github.com/CCob/SharpBlock
+- ScareCrow - https://github.com/optiv/ScareCrow (EDR Bypass Payload Creation Framework)
+- Cobalt Strike Tradecraft
+  - https://hausec.com/2021/07/26/cobalt-strike-and-tradecraft/amp/?__twitter_impression=true
+  - https://www.cobaltstrike.com/help-opsec
+
+### PowerShell
+
+- p3nt4 - https://github.com/p3nt4
+
+## Exploit Dev
+
+### Windows
+
+- https://github.com/Ondrik8/exploit
+- Undocumented Func (Win NT/2000/XP/Win7) - http://undocumented.ntinternals.net/
+- Windows Syscall - https://j00ru.vexillium.org/syscalls/nt/64/
+- Windows Undocumented Func - http://undocumented.ntinternals.net/
+- Windows Kernel Exploit Training - https://codemachine.com/
+- Anti-Debug - https://anti-debug.checkpoint.com/
+
+### Nix
+
+## RedTeam Researchers/Githubs/Gitbooks
+
+- Vincent Yiu - https://vincentyiu.com
+- Outflank - https://github.com/outflanknl
+- Bank Security - https://github.com/BankSecurity/Red_Team
+- Infosecn1nja - https://github.com/infosecn1nja (Redteam-Toolkit = AWESOME)
+- Yeyintminthuhtut - https://github.com/yeyintminthuhtut
+- RedCanary (Atomic RedTeam) - https://github.com/redcanaryco/atomic-red-team
+- kmkz - https://github.com/kmkz/Pentesting (Good cheat-sheets)
+- Rastamouse - https://offensivedefence.co.uk/authors/rastamouse/
+- (Gitbook) dmcxblue - https://dmcxblue.gitbook.io/red-team-notes-2-0/
+
+## Lab Resources
+
+- Windows Server VMs - https://www.microsoft.com/en-us/evalcenter
+- Windows 10 - https://www.microsoft.com/en-us/software-download/windows10ISO
+- Archive of WinVMs - https://archive.org/search.php?query=subject%3A%22IEVM%22
+- Public MSDN - [Link](https://the-eye.eu/public/MSDN/)
+- Adversary Tactics: PowerShell - https://github.com/specterops/at-ps (Specterops)
+
+## Sexy Resources
+
+- MITRE ATT&CK - https://attack.mitre.org/
+- MalwareNews - https://malware.news/
+- CWE - http://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html
+- CTID - https://github.com/center-for-threat-informed-defense
+- SpritesMods - http://spritesmods.com/?art=main (Product Security)
+- Joeware - http://www.joeware.net/ (Windows AD Guru - Many AD Recon bins and amazing blogs)
+- Tenable - https://github.com/tenable/poc (Exploit POCs)
+- MalwareUnicorn - https://malwareunicorn.org/ (Malware/Reversing)
+
+## Security Testing Practice Lab
+
+- Hackthebox - https://www.hackthebox.eu/
+- Cyberseclab - https://www.cyberseclabs.co.uk/ (AD Focus)
+
+## BlueTeam
+
+### Lab Resources
+
+- Detection Lab - https://github.com/clong/DetectionLab
+
+### Threat Detection
+
+- KQL - https://github.com/DebugPrivilege/KQL
+- Sigma - https://github.com/Neo23x0/sigma (Generic Signature Format for SIEM)
+- Splunk Security Essential Docs - https://docs.splunksecurityessentials.com/content-detail/ (Various IOCs)
+- Cobalt Strike Defense - https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence
+
+### Windows Security (What will BlueTeam look for?)
+
+#### LDAP (Lightweight Directory Access Protocol)
+
+- [Hunting for reconnaissance activities using LDAP search filter (Microsoft)](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/hunting-for-reconnaissance-activities-using-ldap-search-filters/ba-p/824726)
+
+## Disclaimer
+
+All the credits belong to the original authors and publishers.
@@ -0,0 +1,2 @@
+.DS_Store
+*.log
@@ -3,15 +3,16 @@
 Collections of useful CobaltStrike 4.0+ AggressorScripts
 
 ### Cred Dump
-* <b>mass-dcsync.cna</b> - DSCync a list of the specified users (Credit @Bluescreenofjeff)
 
+- <b>mass-dcsync.cna</b> - DSCync a list of the specified users (Credit @Bluescreenofjeff)
 
 ## Aggressor Scripts Repos
-* https://github.com/bluscreenofjeff/AggressorScripts
-* https://github.com/Und3rf10w/Aggressor-scripts
-* https://github.com/001SPARTaN/aggressor_scripts
-* https://github.com/vysec/Aggressor-VYSEC
-* https://github.com/harleyQu1nn/AggressorScripts
-* https://github.com/rasta-mouse/Aggressor-Script
-* https://github.com/ramen0x3f/AggressorScripts
-* https://github.com/invokethreatguy/CSASC
+
+- https://github.com/bluscreenofjeff/AggressorScripts
+- https://github.com/Und3rf10w/Aggressor-scripts
+- https://github.com/001SPARTaN/aggressor_scripts
+- https://github.com/vysec/Aggressor-VYSEC
+- https://github.com/harleyQu1nn/AggressorScripts
+- https://github.com/rasta-mouse/Aggressor-Script
+- https://github.com/ramen0x3f/AggressorScripts
+- https://github.com/invokethreatguy/CSASC