foyl · red
Think like the attacker.
Break the chain first.
Offensive methodology, technique library, and red team tooling for adversary simulation and penetration testing.
Methodology · Tools live
5 tactic pages · interactive terminals
Split Red/Blue view on all techniques
Engagement Methodology
ATT&CK Technique Library
TA0043
Reconnaissance
OSINT, passive scanning, target profiling.
2 techniques
TA0042
Resource Development
Domains, C2 infrastructure, accounts.
TA0001
Initial Access
Phishing, exposed services, supply chain.
1 technique
TA0002
Execution
Running malicious code on systems.
TA0003
Persistence
Maintaining access across reboots.
TA0004
Privilege Escalation
Local admin, domain admin, SYSTEM.
TA0005
Defense Evasion
AMSI bypass, log clearing, LOTL.
TA0006
Credential Access
Password spray, Kerberoasting, LSASS.
2 techniques
TA0007
Discovery
Users, shares, trusts, processes.
TA0008
Lateral Movement
PtH, WMI, PsExec, RDP pivoting.
1 technique
TA0009
Collection
Files, emails, screenshots, keylogging.
TA0011
Command & Control
C2 channels, beaconing, tunneling.
TA0010
Exfiltration
Staged archives, cloud uploads, DNS tunnel.
1 technique
TA0040
Impact
Ransomware, data destruction, defacement.
Offensive Tooling
Recon & OSINT
Shodan · theHarvester · Recon-ng · Amass · SpiderFoot
Scanning & Discovery
Nmap · Masscan · Nuclei · Nikto · Feroxbuster
Exploitation
Metasploit · SQLmap · Burp Suite · ExploitDB
Active Directory
BloodHound · Impacket · Rubeus · CME
Post-Exploitation
Mimikatz · WinPEAS · LinPEAS · PowerView
C2 Frameworks
Cobalt Strike · Sliver · Havoc · Brute Ratel
Reference
Report Writing Guide
Executive summary, finding structure, CVSS scoring, severity classification, evidence documentation.
Cheat Sheets
nmap, hashcat, BloodHound Cypher, AD LDAP queries, reverse shells, Linux & Windows privesc.