This project is a technical guide and reference for internal network penetration testing. It serves as a collection of procedures for exploiting and navigating private corporate networks during security assessments. The repository provides specialized manuals and cheat sheets focused on active directory attacks, lateral movement, and privilege escalation. It includes a post-exploitation playbook for maintaining system persistence and clearing forensic traces. The documentation covers a broad range of security capabilities, including initial access, network pivoting and tunneling, and interna
OffensiveRust is a red team toolkit and malware development kit written in Rust. It serves as an evasion framework and post-exploitation library, providing a collection of offensive security primitives and a Windows API wrapper for interacting with low-level system functions and undocumented APIs. The project focuses on bypassing security software through direct system calls, memory obfuscation, and stealthy payload execution. It implements techniques to defeat static binary analysis via compile-time string encryption and payload obfuscation, while avoiding detection using parent process ID s
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Ladon is an internal network penetration scanner and vulnerability assessment tool designed to identify high-risk security flaws and assets across network segments. It operates as a fileless security scanner, executing its engine and modules directly in memory to avoid leaving a disk footprint on target systems. The project is distinguished by its integration as a plugin for command beacons, specifically within the Cobalt Strike framework. This allows for memory-resident network discovery and vulnerability detection. It further supports stealth operations through payload and script obfuscatio