Skip to content

Latest commit

 

History

History

README.md

description Authorized offensive security resources for reconnaissance, exploitation, post-exploitation, Active Directory attacks, password attacks, and red team operations.

Red - Offensive Operations

Red Offensive is the home for authorized offensive security work: reconnaissance, scanning, exploitation, payloads, post-exploitation, lateral movement, Active Directory attacks, password attacks, red/purple teaming, wireless, social engineering, and physical security testing.

This section should not become a catch-all for every security resource. Passive OSINT belongs in Cyber Intelligence, web application testing belongs in Web App Hacking, malware analysis belongs in DFIR, and detection engineering belongs in Blue Defense.

How to Use This Section

Start with the engagement scope and rules of engagement. Then move through the pages based on where you are in the test:

{% content-ref url="scanning-active-recon/" %} scanning-active-recon {% endcontent-ref %}

{% content-ref url="exploitation-and-targets/" %} exploitation-and-targets {% endcontent-ref %}

{% content-ref url="testing-methodology/post-exploitation/" %} post-exploitation {% endcontent-ref %}

{% content-ref url="testing-methodology/active-directory.md" %} active-directory.md {% endcontent-ref %}

{% content-ref url="testing-methodology/lateral-movement.md" %} lateral-movement.md {% endcontent-ref %}

{% content-ref url="testing-methodology/password-attacks.md" %} password-attacks.md {% endcontent-ref %}

{% content-ref url="red-purple-teaming.md" %} red-purple-teaming.md {% endcontent-ref %}

{% content-ref url="offensive-toolbox/" %} offensive-toolbox {% endcontent-ref %}

Methodology and Engagement References

Web application testing resource lists are maintained in Web App Hacking.

{% content-ref url="../web-app-hacking/" %} web-app-hacking {% endcontent-ref %}

Cheat Sheets

OWASP cheat sheets are kept with web application testing unless they are directly tied to an offensive workflow on a Red page.

Notes and Reporting

Good offensive work depends on clean notes, reproducible commands, screenshots, and clear reporting.

Report Writing

Note Taking

Screenshots

Report Generation

Training

Offensive courses, labs, CTFs, TryHackMe rooms, and books live in Training.

{% content-ref url="../training/" %} training {% endcontent-ref %}