| description | Authorized offensive security resources for reconnaissance, exploitation, post-exploitation, Active Directory attacks, password attacks, and red team operations. |
|---|
Red Offensive is the home for authorized offensive security work: reconnaissance, scanning, exploitation, payloads, post-exploitation, lateral movement, Active Directory attacks, password attacks, red/purple teaming, wireless, social engineering, and physical security testing.
This section should not become a catch-all for every security resource. Passive OSINT belongs in Cyber Intelligence, web application testing belongs in Web App Hacking, malware analysis belongs in DFIR, and detection engineering belongs in Blue Defense.
Start with the engagement scope and rules of engagement. Then move through the pages based on where you are in the test:
{% content-ref url="scanning-active-recon/" %} scanning-active-recon {% endcontent-ref %}
{% content-ref url="exploitation-and-targets/" %} exploitation-and-targets {% endcontent-ref %}
{% content-ref url="testing-methodology/post-exploitation/" %} post-exploitation {% endcontent-ref %}
{% content-ref url="testing-methodology/active-directory.md" %} active-directory.md {% endcontent-ref %}
{% content-ref url="testing-methodology/lateral-movement.md" %} lateral-movement.md {% endcontent-ref %}
{% content-ref url="testing-methodology/password-attacks.md" %} password-attacks.md {% endcontent-ref %}
{% content-ref url="red-purple-teaming.md" %} red-purple-teaming.md {% endcontent-ref %}
{% content-ref url="offensive-toolbox/" %} offensive-toolbox {% endcontent-ref %}
- PTES Technical Guidelines - Penetration Testing Execution Standard.
- OSSTMM 3 - Open Source Security Testing Methodology Manual.
- ISECOM - Community behind OSSTMM and related security methodology resources.
- NIST SP 800-115 - Technical Guide to Information Security Testing and Assessment.
- HackTricks
- The Hacker Recipes
- iRed Team
- Guif.re
- Hakluke: Hacking Without Metasploit
- Pentest Wiki
- Penetration Testing Pasties
- The Red Team Handbook
Web application testing resource lists are maintained in Web App Hacking.
{% content-ref url="../web-app-hacking/" %} web-app-hacking {% endcontent-ref %}
- Awesome Pentest Cheat Sheets
- Cheatsheet God
- HighOn.Coffee Penetration Testing Cheat Sheet
- SANS Cheat Sheets
OWASP cheat sheets are kept with web application testing unless they are directly tied to an offensive workflow on a Red page.
Good offensive work depends on clean notes, reproducible commands, screenshots, and clear reporting.
- TrustedSec Physical Security Assessment Documentation
- Black Hills Pentest Reports
- Zeltser: Writing Tips for IT Professionals
- Zeltser: Security Assessment Report Cheat Sheet
- Zeltser: Human Communications Cheat Sheet
- CherryTree
- Joplin
- OneNote
- Obsidian
- Trilium
- asciinema - Terminal session recording.
- KeepNote - Legacy note-taking tool. Kept only for historical references and old OSCP-style workflows.
- Ghostwriter
- APTRS
- National CPTC Report Examples
- TJ-JPT
- OSCP Exam Report Template
- Fransr Template Generator
- BugBountyTemplates
- Public Pentesting Reports
Offensive courses, labs, CTFs, TryHackMe rooms, and books live in Training.
{% content-ref url="../training/" %} training {% endcontent-ref %}