18 open-source projects similar to extravenger/oseplayground, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best OSEPlayground alternative.
Commando VM is a Windows-based penetration testing distribution and offensive security virtual machine. It serves as a toolset manager for deploying and maintaining a curated collection of security tools, scripts, and configurations designed for security auditing, red teaming, and adversary simulation. The project automates the provisioning of a specialized workstation by using PowerShell scripts and a modular repository to orchestrate the installation of offensive security software. It utilizes a community-driven package manager to handle dependency resolution and binary installations, ensur
Caldera is an adversary emulation platform and command and control framework designed to simulate cyber attack patterns. It functions as an automated red team tool and threat framework orchestrator, executing attack sequences based on standardized cybersecurity threat frameworks to validate security defenses and detection capabilities. The platform distinguishes itself through the dynamic compilation of customized executable payloads and the use of framework-mapped adversary modeling to structure attack techniques. It manages asynchronous agents on targeted endpoints via a central server acce
Commando-VM is a Windows penetration testing distribution and offensive security toolkit. It provides a specialized virtual machine environment loaded with a curated suite of security auditing and exploitation tools designed for red teaming operations. The project facilitates the creation of red team infrastructure and security audit environments. It focuses on Windows security auditing and penetration testing to help simulate adversary behavior and identify exploitable security flaws. The environment is established through script-based provisioning and modular toolset deployment. This proce
Apfell is a red teaming framework and command and control server designed for collaborative adversary simulation. It provides a centralized infrastructure to manage remote agents and distribute tasking across multiple operating systems using a message broker for real-time synchronization. The system functions as a distributed agent orchestrator, allowing teams to coordinate complex attack chains and synchronize container data. It features a multi-platform payload manager that enables the downloading and integration of custom agents and command profiles from remote repositories. The platform
Havoc is a post-exploitation framework used for red team operations. It provides a centralized command and control system for managing remote agents through persistent network connections and customizable communication profiles. The framework focuses on security evasion and stealth, utilizing indirect syscall execution, return address spoofing, and hardware-breakpoint patching to bypass endpoint detection and response tools. It includes a payload generation workflow to create executable shellcode or DLLs for initial remote access. The system covers a broad range of operational capabilities,
This repo contains information about EDRs that can be useful during a red team exercise.
Just a place to store some of my pre-course research notes.
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long-term operations.
This is a repository of notes and material that I consider necessary in advance to opt for the course and the OSEP certification (Techniques of Evasion and Breaching Defenses).
I am a Master's student in Information Security, with a keen interest in infrastructure security. Worked as an intern, volunteer and freelancer for a couple of companies. Participated in CTFs, solved boxes in HTB, TryHackMe, Proving Grounds, etc. I would design home labs to test and practice, but…
This project is a collection of technical resources, blueprints, and guides for building resilient and stealthy red team infrastructure. It provides a comprehensive framework for designing offensive security environments that resist detection and remain operational throughout security engagements. The repository distinguishes itself through detailed playbooks for adversary simulation and hardening manuals. It covers advanced obfuscation techniques such as domain fronting, the use of platform-as-a-service redirectors, and the leveraging of third-party content sites to inherit domain reputation
My thoughts from going through the OSEP materials.