Red Team

General

HackTricksopen in new window
- The canonical reference
The Hacker Recipesopen in new window
- Another great reference
ired.teamopen in new window
- Another great reference
Red team toolkitopen in new window
Awesome red teamopen in new window
Searchable Metasploit Module Libraryopen in new window
The Penetration testers Frameworkopen in new window
Blue Team Con: Going Atomicopen in new window
Using Cutting-Edge Threat Simulation to Harden the Microsoft Enterprise Cloudopen in new window
GhostPackopen in new window
- A number of security tools
Adversary Emulation Libraryopen in new window
MITRE ATT&CK Campaignsopen in new window
Frichetten/toolsopen in new window
- A variety of red teaming tools, but notable because a fair few seem pretty specialized

Tradecraft

Public Pentest Reports

Windows

Windows domain hardeningopen in new window
Windows privesc cheatsheetsopen in new window
Priv2Adminopen in new window
- Token fun
Bypass forbidden cmd.exe and Powershellopen in new window
Null sessions and user enumopen in new window
- rpcclient isn't necessarily as reliable as NSE smb-enum-users - it can yield false negatives. Article provides extra RPC functions (NetLogon/MS-NRPC) for the same/similar purposes
AD Pentesting Notesopen in new window
AD Security blogopen in new window
Impacket scriptsopen in new window
AD-Attack-Defenseopen in new window
- Tons of notes on AD attack/defense
Active-Directory-Exploitation-Cheat-Sheetopen in new window
COM Objects P.1: The Hidden Backdoor in Your Systemopen in new window
Group Policy Searchopen in new window
Windows & Active Directory Exploitation Cheat Sheet and Command Referenceopen in new window
Low Level Pleasureopen in new window
- Blog about Windows internals, reversing, malware

Pre-Compiled Binaries