R

red-team

A low-level network analysis and packet inspection framework for security professionals, penetration testers, and researchers. Features SSH cryptographic analysis, DNS threat detection, TCP sequence analysis, and real-time protocol dissection.

Abusing Microsoft Office Macros for Client-Side Code Execution (Educational Lab)

This project demonstrates a controlled and educational lab environment for studying client-side attacks through Microsoft Word macro execution.

The lab simulates a realistic phishing scenario where a macro-enabled Word document (.docm) executes predefined VBA actions upon user interaction (e.g., “Enable Content”).

The purpose of this repository is to help students understand:

How macro-based attacks work

How client-side execution chains operate

How organizations can detect and defend against malicious Office documents

Mapping techniques to MITRE ATT&CK

All payloads in this repository are lab-safe and designed strictly for academic use in a controlled, offline testing environment.

This repository includes:

Full lab setup (Kali Linux + Windows 10)

Macro structure & analysis

Documentation (OSCP-style report)

MITRE ATT&CK mapping

Demo screenshots & optional video

⚠️ Disclaimer: This project is designed exclusively for educational purposes and must only be executed inside an isolated lab environment. Do not use these techniques on systems where you do not have explicit permission.

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

For more information visit https://dheatattack.com

PoC lab mô phỏng kỹ thuật Abusing Windows Library Files for Client-Side RCE (Library-ms → WebDAV → LNK → PowerShell → reverse shell). Repo gồm hướng dẫn dựng lab trên Kali + Windows 10, payloads, sơ đồ attack chain, screenshot và video demo, viết theo style báo cáo Red Team / OSCP.

A Free, Open-Source Remote Administration Tool for Windows

Pulsar is a lightweight, fast, and powerful remote administration tool written in C#. Whether you're providing user support, handling daily admin tasks, or monitoring employees, Pulsar offers high stability and an intuitive interface—making it your go-to solution for remote administration.

This is a tool for obfuscating functions in C/C++ programs on Windows. It hides what a function does by changing its code while the program is running, moves that code to another place in memory, and uses Windows exception handling to jump to the moved code when the function is called.

Powershell Empire in Docker