Red Team

Offensive Security

Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite on SecurityListing: Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.

Offensive Security

Brute Ratel C4 on SecurityListing: Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.

Penetration Testing

PoshC2 on SecurityListing: A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.

Offensive Security

Lab of a Penetration Tester: Week of Evading Microsoft ATA on SecurityListing: A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection

Offensive Security

ParrotSec on SecurityListing: Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.

Guides

Operator Handbook: Red Team + OSINT + Blue Team Reference on SecurityListing: A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.

Penetration Testing

Pivoting Cheat Sheet on SecurityListing: A pocket reference guide providing various options for navigating and pivoting through different environments and situations.

Offensive Security

TechTarget on SecurityListing: Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.

Offensive Security

State of Security on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Offensive Security

Covert Red Team Attack Infrastructure on SecurityListing: Back-end component for red team operations with crucial design considerations.

Offensive Security

Daniel Miessler/Unsupervised Learning on SecurityListing: Sysreptor offers a customizable reporting solution for offensive security assessments.

Offensive Security

Threatpost on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming.

Security Operations

Bait and Switch Honeypot on SecurityListing: An active and aggressive honeypot tool for network security.

Offensive Security

Caldera on SecurityListing: Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

AI Model Security

Akto 2025 State of Agentic AI Security Report on SecurityListing: AI agent and MCP security platform for discovery, testing, and guardrails

Penetration Testing

Randomized Malleable C2 Profiles Made Easy on SecurityListing: Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

Offensive Security

LockBoxx on SecurityListing: Introduction to using GScript for Red Teams

Offensive Security

LeakIX on SecurityListing: LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.

Offensive Security

Troy Hunt on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

tfkr

Application Security

tfkr is an Emirati-based cybersecurity firm specializing in application security testing and offensive security training. The company focuses on identifying and mitigating vulnerabilities in software

Offensive Security

Security Intelligence on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Penetration Testing

ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution on SecurityListing: A technique for social engineering and untrusted command execution using ClickOnce technology

API Security

White Circle Control Your AI on SecurityListing: AI control layer for testing, protecting, observing, and optimizing AI apps

Offensive Security

Paving The Way to DA - Complete Post (Pt 1,2 & 3) on SecurityListing: A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.

Offensive Security

Bleeping Computer on SecurityListing: A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.

Offensive Security

The Hacker News on SecurityListing: The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.

Penetration Testing

Comodo Advanced Penetration Testing on SecurityListing: Professional penetration testing services for networks, apps, and systems

Guides

Security Guide Red Hat Enterprise Linux 7 on SecurityListing: The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.

Offensive Security

The Security Ledger on SecurityListing: Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.

Offensive Security

WebDAV Covert Channel on SecurityListing: A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.

Offensive Security

Tao Security on SecurityListing: Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.

Penetration Testing

Bishop Fox AI/LLM Security Assessment on SecurityListing: AI/LLM security assessment service for testing AI systems and infrastructure

Offensive Security

The State of Security by Tripwire on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.

Penetration Testing

SSH Tunnelling to Punch Through Corporate Firewalls – Updated take on one of the oldest LOLBINs on SecurityListing: A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.