#Red_Team_Tactics
1. Hijacking service workers via DOM Clobbering
https://portswigger.net/research/hijacking-service-workers-via-dom-clobbering
2. Abusing Reddit API to host the C2 traffic
https://github.com/kleiton0x00/RedditC2
3. Abusing JSON-Based SQL to Bypass WAF
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf

#Red_Team_Tactics
1. StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
2. Frida script to bypass common methods of sslpining Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
3. pipe_buffer arbitrary read write
https://interruptlabs.co.uk/labs/pipe_buffer

#Red_Team_Tactics
BlackHat Europe 2022:
"Dirty Vanity: A New Approach to Code injection & EDR bypass".

]-> A PoC for the new injection technique, abusing windows fork API to evade EDRs:
https://github.com/deepinstinct/Dirty-Vanity

#tools
#Red_Team_Tactics
1. Talon - password guessing tool that targets the Kerberos/LDAP services within the Windows AD environment
https://github.com/optiv/Talon
2. Bypass Rails::Html::SafeListSanitizer filtering and perform an XSS attack
https://hackerone.com/reports/1656627
3. Tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs
https://github.com/binderlabs/DirCreate2System

#Red_Team_Tactics
1. {JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
2. How To Exploit File Inclusion Vulnerabilities
https://infosecwriteups.com/how-to-exploit-file-inclusion-vulnerabilities-a-beginners-introduction-stackzero-a55267b5fafb

#Red_Team_Tactics
1. Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints
2. Raw sockets hacking
https://antonio-cooler.gitbook.io/coolervoid-tavern/port-knocking-from-the-scratch
]-> Secure shell using port Knocking technique with AES256-GCM: https://github.com/CoolerVoid/ninja_shell

#Red_Team_Tactics
In-Memory Execution in macOS
https://rtx.meta.security/post-exploitation/2022/12/19/In-Memory-Execution-in-macOS.html

#Red_Team_Tactics
1. Process reparenting in MS Windows
https://blog.trailofbits.com/2022/12/20/process-reparenting-microsoft-windows
2. CLI tool/library to enhance and speed up script/exploit writing with string conversion/manipulation
https://github.com/noraj/ctf-party

#Red_Team_Tactics
Using Leaking Sentinel Value to Bypass the Latest Chrome v8 HardenProtect
https://medium.com/@numencyberlabs/using-leaking-sentinel-value-to-bypass-the-latest-chrome-v8-hardenprotect-c4ed40e3d34f

#tools
#Red_Team_Tactics
1. Blindside - technique for evading the monitoring of EDR / XDR platforms using hardware breakpoints to inject commands
https://github.com/CymulateResearch/Blindside
2. Avoiding Detection with Shellcode Mutator
https://labs.nettitude.com/blog/shellcode-source-mutations
]-> https://github.com/nettitude/ShellcodeMutator

#Red_Team_Tactics
1. Divide And Bypass: A new Simple Way to Bypass AMSI
https://x4sh3s.github.io/posts/Divide-and-bypass-amsi
2. Pass-the-Challenge: Defeating Windows Defender Credential Guard
https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22

#Red_Team_Tactics
1. Writing Windows Kernel Drivers for Advanced Persistence
https://v3ded.github.io/redteam/red-team-tactics-writing-windows-kernel-drivers-for-advanced-persistence-part-1
2. 0 click Facebook Account Takeover and Two-Factor Authentication Bypass
https://medium.com/@yaala/account-takeover-and-two-factor-authentication-bypass-de56ed41d7f9

#tools
#Red_Team_Tactics
1. DROPS - Adversary Tool Command Generator / "Dynamic Cheat Sheet"
https://sygnialabs.github.io/DROPS
2. ScrapPY - utility for scraping manuals, documents, and other sensitive PDFs to generate targeted wordlists that can be utilized by offensive security tools
https://github.com/RoseSecurity/ScrapPY
3. Rust reflective loader
https://github.com/winsecurity/Offensive-Rust/tree/main/peloader64

#Threat_Research
#Red_Team_Tactics
"Autonomous Penetration Testing using Reinforcement Learning"
]-> Network Attack Simulator: https://github.com/Jjschwartz/NetworkAttackSimulator

#Red_Team_Tactics
1. NTLMRecon: identify commonly accessible NTLM authentication endpoints
https://github.com/praetorian-inc/NTLMRecon#installation
2. Bypass firewalls with of-CORs and typo-squatting
https://github.com/trufflesecurity/of-cors

#Red_Team_Tactics
1. Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://github.com/D1rkMtr/UnhookingPatch
2. A new AMSI Bypass technique using .NET ALI Call Hooking
https://github.com/pracsec/AmsiBypassHookManagedAPI
3. Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID
https://github.com/D1rkMtr/FilelessNtdllReflection

#Red_Team_Tactics
How To Attack Admin Panels Successfully
Part 1: https://infosecwriteups.com/how-to-attack-admin-panels-successfully-72c90eeb818c
Part 2: https://medium.com/geekculture/how-to-attack-admin-panels-successfully-part-2-9316c3caad3a

#Red_Team_Tactics
"PhiAttack: Rewriting the Java Card Class Hierarchy", 2021.

#Red_Team_Tactics
1. Avoid antivirus by hiding the import table
https://xz.aliyun.com/t/12035
2. Measuring, Reporting On, and Planning For Red Team Maturity
https://www.redteammaturity.com/release-blog
3. Measuring Sliver vs Havoc
https://git.culbertreport.com/posts/Sliver-vs-Havoc

#tools
#Red_Team_Tactics
1. Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase
https://github.com/PaulNorman01/Forensia
2. VirusTotalC2 - Abusing VirusTotal API to host C2 traffic
https://github.com/D1rkMtr/VirusTotalC2