100 Red Team Projects for Pentesters and Network Managers
Red Teaming is one of the most attractive fields in offensive security or ethical hacking.Every day professionals and students are learning, creating and exploiting all types ofsystems. The internet is not only the most common means through which people interactand chat, but also a place where they are constantly exposed to a world where anyone can be monitored,exploited, tracked or scammed.
This is why us, programmers, take action; several of us continually try to protect thiswonderful place while others, out of immaturity or shrewd interests, act in just the opposite direction.If you're interested in this field and want to join it, no matter your current level of knowledge, learninghow to create your own tools will result in great advantage as a pentester.
So I put some thought into it and got the idea to create this project list aimed at anyone who is interestedin learning "how to" not become the ultimate script kiddie. Here I discriminate (based solely on my own experience)almost 100 types of projects that you should at least try to either implement or study.
I recommend you to do them on the programming language you are most comfortable with. Implementing theseprojects will definitely help you gain more experience and, consequently, master the language. They are dividedin categories, ranging from super basic to advanced projects.
If you enjoy this list please take the time to recommend it to a friend and follow me! I will be happy with that :)
And remember: With great power comes... (we already know).
| Level 1 | Basic |
|---|---|
| [0] | TCP or UDP server just to receive messages |
| [1] | TCP chat server |
| [2] | UDP chat server |
| [3] | Multi-threaded UDP or TCP chat server |
| [4] | Server for file transfers |
| [5] | Caesar Cipher tool |
| [6] | TCP chat server -> The messages should be encoded with Caesar Cipher |
| [7] | ROT13 Cipher |
| [8] | UDP Chat server -> The messages should be encoded with ROT13 Cipher |
| [9] | Remote command execution |
| [10] | Recreate the Netcat tool |
| Level 2 | Essential |
|---|---|
| [11] | Simple port scanner |
| [12] | Port scanner with OS fingerprint using TTL (Time To Live) |
| [13] | Port scanner with port footprint (HTTP? DNS? FTP? IRC?) |
| [14] | Simple Web Directory brute-forcer (Threaded) |
| [15] | Recursive Web Directory brute-forcer (Threaded peer recursion) |
| [16] | Web Login bruteforce tool |
| [17] | FTP Login bruteforce tool |
| [18] | SSH Login bruteforce tool |
| [19] | FTP User footprint |
| [20] | MYSQL User footprint |
| [21] | Simple Google Bot for web scan |
| [22] | Auto website comment bot |
| [23] | Auto website message bot |
| [24] | Web-scrapping using Regex |
| [25] | Bot to collect information about someone using Google / Bing / Yahoo! |
| [26] | Simple SQLi tester |
| [27] | Simple XSS tester |
| [28] | Simple Wordpress brute-forcer |
| [29] | SQLi database retriever |
| [30] | Spam creator |
| Level 3 | Advanced Network Attacks |
|---|---|
| [31] | Payload for reverse shell |
| [32] | Payload to capture screenshots |
| [33] | Implement a Botnet |
| [34] | Passive web scanner |
| [35] | ARP poisoning tool |
| [36] | Application that creates random shortcuts on screen |
| [37] | Application to encrypt a file |
| [38] | Develop a Ransomware application |
| [39] | Spam Email sender |
| [40] | HTTP server for phishing |
| [41] | Honeypot creator |
| [42] | Application that connects to the Tor Network |
| [43] | IRC Server |
| [44] | Packet Capture tool |
| Level 4 | Data analysis, payloads and more networking |
|---|---|
| [45] | Packet Data analysis |
| [46] | Packet image analysis with OpenCV |
| [47] | Develop a hexdump tool |
| [48] | Payload that moves the mouse cursor |
| [49] | Vigenère Cipher |
| [50] | Payload that starts automatically using Windows Regedit |
| [51] | Payload that starts as a daemon |
| [52] | Payload that retrieves browser information |
| [53] | Link generator |
| [54] | ASCII Name generator [ just for fun :) ] |
| [55] | Full chat server with private messages, file and image transfer |
| [56] | Simple firewall |
| [57] | Gateway |
| [58] | Powershell payload generator |
| [59] | Bash payload generator |
| [60] | Subdomain enumerator |
| [61] | DNS Enumerator |
| [62] | Your own interpreter |
| [63] | Develop a Worm |
| [64] | Server for DDOS |
| [65] | Implement an IP Tracker |
| [66] | BurpSuite extender |
| [67] | Develop a Trojan |
| [68] | Man In The Browser tool (kind of) |
| [69] | Process monitor (Windows and Linux) |
| [70] | Windows token privilege escalation tool |
| Level 5 | Cryptography, Reverse Engineering and Post exploitation |
|---|---|
| [71] | Develop a code injection tool |
| [72] | Develop a Worm with auto replication over email |
| [73] | Simple Disassembler |
| [74] | Server for DDoS with multi-staged operations and multi-threaded handling of clients |
| [75] | Password hash cracker |
| [76] | Direct code injection exploit |
| [77] | Android daemon payload |
| [78] | Browser exploitation tool |
| [79] | Simple tool for Reverse Engineering |
| [80] | Script for OS enumeration (after shell) |
| [81] | RSA Payload generator |
| [82] | Handshake capture |
| [83] | Wifi monitor |
| [84] | Buffer Overflow exploit |
| [85] | Stack Overflow exploit |
| [86] | Banner exploit |
| [87] | ISS Exploit |
| [88] | Wifi de-authentication attack (DoS) tool |
| [89] | Badchar detector |
| [90] | Firewall detector |
| [91] | Exploitation Framework |
| [92] | Botnet with SSH C&C and automatic server backup to prevent loss of control |
| [93] | Windows enumeration tool |
| [94] | Application information gathering (after shell) |
| [95] | Recreate TCPDUMP |
| [96] | Bluetooth exploit |
| [97] | Windows Blue Screen Exploit |
| [98] | Encoded exploit |
| [99] | Antivirus evasion application |
| [100] | Your own metasploit module |
Adding your examples
You can make a pull request for the "Projects" directory and name the file incompliance with the following convention:
[ID] PROJECT_NAME - <LANGUAGE> | AUTHOR
Example:
[91] Web Exploitation Framework - <C> | EONRaider
-
https://handsontable.com/blog/articles/2016/3/5-successful-business-models-for-web-based-open-source-projects Even if you don’t imagine your open-source project becoming next year’s hottest unicorn, a
-
问题内容: 当我有一个with时,它并不是100%: 现在,当您调整窗口大小时,会有一个水平滚动条,然后向右滚动,则背景消失了。在这种情况下如何保持背景? 现在,当您调整窗口大小并向右滚动时,您将不再看到背景。如何解决这个问题? 问题答案: 100%值是父级宽度或视口的100%。请参阅文档。
-
HTTP 100 Continue信息状态响应代码表明目前为止的所有内容都是正常的,并且客户端应该继续请求或者如果它已经完成则忽略它。 要让服务器检查请求的标题,客户端必须在其初始请求中发送Expect: 100-continue标题,并且在发送主体之前接收100 Continue状态码作为响应。 状态 100 Continue 规范 规范 标题 RFC 7231,第6.2.1节:100 Cont
-
问题内容: 我使用此 CSS将最大高度设置为 谁能给我一个普遍的答案, 和 之间有什么区别? 问题答案: 这是W3Clink的解释: 以下算法描述了两个属性[min-height和max-height]如何影响’height’属性的使用值: 临时使用的高度是根据上面“计算高度和边距”下的规则计算的(不包括“最小高度”和“最大高度”)。 如果此暂定高度大于“最大高度”,则会再次应用上述规则,但是这次
-
问题内容: 我正在尝试扩展一些以填充屏幕,但是我很挣扎。我已经解决了这个jsfiddle的问题。 我真正想知道的是,当其父项具有相同的属性并且会扩展时,为什么100%的不会扩展到那个高度(或根本不扩展)? 问题答案: CSS 2.1规范涵盖了该问题: < 百分比> 指定百分比高度。相对于生成的盒子的包含块的高度计算百分比。如果未明确指定包含块的高度(即,它取决于内容的高度),并且该元素的位置不是绝
-
网易互娱第三题刚好熟悉相关方法,侥幸过了。 第1题 模拟题 (AC) 第2题 有效长方形面积 (90% 超时) N个长方形,可能互相覆盖。若两个长方形存在覆盖面积(area>0),则两个长方形为有效长方形。计算有效长方形的覆盖面积。(0 <= x,y <= 1000) 求满分过程(划掉,原来最多只有一个重叠,在计算是否重叠时就直接处理好了,哭了) 第3题 手机屏锁 (AC) 手机屏锁,9个点,问使
-
机试前两题不难,第三题坑好多,最后也没AK 做了个比较简洁的实现,用python的locals()+eval(),其实可以很好处理加减乘除。 import sys d = locals() for line in sys.stdin: line = line.strip().replace("/", "//") if line.startswith("let "):