This project is a collection of technical resources, blueprints, and guides for building resilient and stealthy red team infrastructure. It provides a comprehensive framework for designing offensive security environments that resist detection and remain operational throughout security engagements. The repository distinguishes itself through detailed playbooks for adversary simulation and hardening manuals. It covers advanced obfuscation techniques such as domain fronting, the use of platform-as-a-service redirectors, and the leveraging of third-party content sites to inherit domain reputation
Mythic is a red teaming framework and command and control server designed for managing post-exploitation activities. It provides a centralized system for issuing tasks and receiving telemetry from agents deployed across diverse target platforms and operating systems. The platform features a collaborative operator interface that allows multiple security researchers to coordinate operations and track target activity within a shared environment. It supports the deployment and updating of diverse agent payloads through a multi-platform payload manager. The framework utilizes a plugin-based archi
Covenant is a .NET-based command and control framework designed for red team operations and adversary simulation. It serves as a collaborative platform for coordinating security assessments, managing remote implants, and executing tasks on compromised systems through a centralized server. The project is distinguished by its dynamic payload generator, which compiles and obfuscates executable binaries and scripts on the fly to bypass detection. It further separates itself through a collaborative environment that allows multiple authenticated operators to share a synchronized state, track operat
Caldera is an adversary emulation platform and command and control framework designed to simulate cyber attack patterns. It functions as an automated red team tool and threat framework orchestrator, executing attack sequences based on standardized cybersecurity threat frameworks to validate security defenses and detection capabilities. The platform distinguishes itself through the dynamic compilation of customized executable payloads and the use of framework-mapped adversary modeling to structure attack techniques. It manages asynchronous agents on targeted endpoints via a central server acce