Red Team Essentials
Advanced ยท 10 tools
Core tools for simulated adversary operations in enterprise environments. This kit covers command and control infrastructure, Active Directory attack paths, and lateral movement techniques used in red team engagements. Designed for operators running assumed-breach assessments against Windows-dominant networks.
C2 & Infrastructure
Establish and maintain covert communication channels with implants on target systems. Sliver provides a modern C2 framework with mutual TLS and DNS tunneling, Ligolo-ng and Chisel create encrypted tunnels for pivoting through network segments, and ScareCrow generates EDR-evasive loaders for initial payload delivery.
Active Directory
Map and exploit Active Directory attack paths from initial foothold to domain compromise. BloodHound visualizes privilege escalation routes through AD relationships, Rubeus handles Kerberos abuse including roasting and delegation attacks, and Certipy exploits misconfigured certificate templates for privilege escalation via AD CS.
Lateral Movement
Move between systems using legitimate protocols and stolen credentials. Impacket provides Python implementations of Windows network protocols for remote execution, CrackMapExec automates credential spraying and command execution across subnets, and Mimikatz extracts plaintext passwords, hashes, and Kerberos tickets from memory.
