介绍

这个项目是用来收集一些红蓝对抗以及ATT&CK相关的资料、工具等等的东西。

红蓝对抗

• Red-Team-links - 2019年红队资源链接，资源不是本人整理出来，来自互联网，因为流传的少，特意在此做个备份，做个分享。
• redteam-tips - 关于红队方面的学习资料
• RedTeam-BCS - BCS（北京网络安全大会）2019 红队行动会议重点内容
• offensiveinterview - 翻译国外的@WebBreacher的安全/渗透测试/红队面试题，有部分参考作用
• RedTeamer - 红方人员作战执行手册
• redteam-hardware-toolkit - Red Team Hardware Toolkit
• RedTeamPowershellScripts - Various PowerShell scripts that may be useful during red team exercise
• RedTeam-Tactics-and-Techniques - Red Teaming Tactics and Techniques
• redteam - Red Team Scripts by d0nkeys (ex SnadoTeam)
• AT-P-list - 攻防清单:用于整理当前收集的所有攻防相关资源
• The-Hackers-Hardware-Toolkit - The best hacker's gadgets for Red Team pentesters and security researchers.
• Shr3dKit - Red Team Tool Kit
• Awesome-Red-Teaming - List of Awesome Red Teaming Resources
• RedTeamTools - 红队相关的一些工具

远控

• Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
• Vayne-RaT - An Advanced C# .NET Rat, It’s Stable and Contains Many Features.
• C-Sharp-R.A.T-Server - This is a remote administration tool built with c#
• C-Sharp-R.A.T-Client - This is a c# client for the c# R.A.T server
• RemoteControl - 远程控制，类似于灰鸽子
• MosaiqueRAT - Mosaique - Remote administration tools
• C3 - Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
• Octopus - Open source pre-operation C2 server based on python and powershel
• Powershell-RAT - Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
• ThunderShell - Python / C# Unmanaged PowerShell based RAT
• Quasar - Remote Administration Tool for Windows

ShellCode

• BadOutlook - A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a specific trigger subject line.

书籍资料

• ATTCK-PenTester-Book - ATTCK-PenTester-Book
• awesome-rat - RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
• Active-Directory-Pentest-Notes - 个人域渗透学习笔记
• wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
• Cobalt_Strike_wiki - Cobalt Strike系列
• pentest_study - 从零开始内网渗透学习
• MITRE-ATT-CK-CN - 红蓝对抗相关的脑图
• Micro8 - 渗透测试相关的知识总结
• DarthSidious-Chinese - DarthSidious 中文版
• Powershell-Attack-Guide - Powershell攻击指南----黑客后渗透之道
• redteam-notebook - Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.
• redtool - 日常积累的一些红队工具及自己写的脚本，更偏向于一些diy的好用的工具，并不是一些比较常用的msf/awvs/xray这种

密码相关工具

• mimikatz - A little tool to play with Windows security

内网穿透相关工具

• nps - 一款轻量级、高性能、功能强大的内网穿透代理服务器。

• frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

  ​

未分类

• ptf - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
• RedTeamCSharpScripts - C# Script used for Red Team

CobaltStrike插件

• BypassAV - Cobalt Strike插件，用于快速生成免杀的可执行文件
• Cobalt-Strike-Aggressor-Scripts - Cobalt Strike Aggressor 插件包
• Erebus - CobaltStrike后渗透测试插件
• taowu-cobalt-strike - 基于cobalt strike平台的红队自动化框架
• cobalt_strike_extension_kit - Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
• 0xthirteen/MoveKit - 一款功能强大的Cobalt Strike横向渗透套件

免杀

• BypassAntiVirus - 远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考
• AVByPass - 一款Web在线自动免杀工具

提权

• BadPotato - Windows 权限提升 BadPotato