Red Team

Offensive Security

Brute Ratel C4 on SecurityListing: Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.

Offensive Security

Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite on SecurityListing: Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.

Offensive Security

Lab of a Penetration Tester: Week of Evading Microsoft ATA on SecurityListing: A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection

Penetration Testing

PoshC2 on SecurityListing: A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.

Offensive Security

ParrotSec on SecurityListing: Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.

Penetration Testing

Pivoting Cheat Sheet on SecurityListing: A pocket reference guide providing various options for navigating and pivoting through different environments and situations.

Offensive Security

State of Security on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Guides

Operator Handbook: Red Team + OSINT + Blue Team Reference on SecurityListing: A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.

Offensive Security

Daniel Miessler/Unsupervised Learning on SecurityListing: Sysreptor offers a customizable reporting solution for offensive security assessments.

Offensive Security

Threatpost on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming.

Security Operations

Bait and Switch Honeypot on SecurityListing: An active and aggressive honeypot tool for network security.

Offensive Security

TechTarget on SecurityListing: Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.

Offensive Security

Covert Red Team Attack Infrastructure on SecurityListing: Back-end component for red team operations with crucial design considerations.

Offensive Security

Caldera on SecurityListing: Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

AI Model Security

Akto 2025 State of Agentic AI Security Report on SecurityListing: AI agent and MCP security platform for discovery, testing, and guardrails

Offensive Security

LeakIX on SecurityListing: LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.

Penetration Testing

Randomized Malleable C2 Profiles Made Easy on SecurityListing: Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

Offensive Security

LockBoxx on SecurityListing: Introduction to using GScript for Red Teams

API Security

White Circle Control Your AI on SecurityListing: AI control layer for testing, protecting, observing, and optimizing AI apps

Offensive Security

Bleeping Computer on SecurityListing: A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.

Penetration Testing

Bishop Fox AI/LLM Security Assessment on SecurityListing: AI/LLM security assessment service for testing AI systems and infrastructure

Penetration Testing

Comodo Advanced Penetration Testing on SecurityListing: Professional penetration testing services for networks, apps, and systems

tfkr

Application Security

tfkr is an Emirati-based cybersecurity firm specializing in application security testing and offensive security training. The company focuses on identifying and mitigating vulnerabilities in software

Penetration Testing

SSH Tunnelling to Punch Through Corporate Firewalls – Updated take on one of the oldest LOLBINs on SecurityListing: A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.

Offensive Security

Paving The Way to DA - Complete Post (Pt 1,2 & 3) on SecurityListing: A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.

Offensive Security

The Hacker News on SecurityListing: The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.

Guides

Security Guide Red Hat Enterprise Linux 7 on SecurityListing: The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.

Offensive Security

WebDAV Covert Channel on SecurityListing: A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.

Offensive Security

The Security Ledger on SecurityListing: Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.

Offensive Security

Tao Security on SecurityListing: Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.

Offensive Security

The State of Security by Tripwire on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.

Offensive Security

Security Intelligence on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Penetration Testing

ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution on SecurityListing: A technique for social engineering and untrusted command execution using ClickOnce technology

Offensive Security

Troy Hunt on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.