Skip to content

Attempt to grind out the 100 offsec project challenges, conceptualized by github user, @kurogai, at his repo [https://github.com/kurogai/100-redteam-projects]

License

Notifications You must be signed in to change notification settings

scumdestroy/100-RedTeam-Projects

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

100-RedTeam-Projects

Attempt to grind out the 100 offsec project challenges, conceptualized by github user, @kurogai, at his repo [https://github.com/kurogai/100-redteam-projects]


Level 1 Basic Exemple
[0] TCP or UDP server just to receive messages ✔️
[1] TCP chat server ✔️
[2] UDP chat server ✔️
[3] Multi-threaded UDP or TCP chat server ✔️
[4] Server for file transfers ✔️
[5] Caesar Cipher tool ✔️
[6] TCP chat server -> The messages should be encoded with Caesar Cipher ✔️
[7] ROT13 Cipher ✔️
[8] UDP Chat server -> The messages should be encoded with ROT13 Cipher ✔️
[9] Remote command execution ✔️
[10] Recreate the Netcat tool ✔️

Level 2 Essential Exemple
[11] Simple port scanner ✔️
[12] Port scanner with OS fingerprint using TTL (Time To Live) ✔️
[13] Port scanner with port footprint (HTTP? DNS? FTP? IRC?) ✔️
[14] Simple Web Directory brute-forcer (Threaded) ✔️
[15] Recursive Web Directory brute-forcer (Threaded peer recursion) ✔️
[16] Web Login bruteforce tool ✔️
[17] FTP Login bruteforce tool ✔️
[18] SSH Login bruteforce tool ✔️
[19] FTP User footprint ✔️
[20] MYSQL User footprint ✔️
[21] Simple Google Bot for web scan ✔️
[22] Auto website comment bot ✔️
[23] Auto website message bot ✔️
[24] Web-scrapping using Regex ✔️
[25] Bot to collect information about someone using Google / Bing / Yahoo! ✔️
[26] Simple SQLi tester ✔️
[27] Simple XSS tester ✔️
[28] Simple Wordpress brute-forcer ✔️
[29] SQLi database retriever ✔️
[30] Spam creator ✔️

Level 3 Advanced Network Attacks Exemple
[31] Payload for reverse shell ✔️
[32] Payload to capture screenshots ✔️
[33] Implement a Botnet
[34] Passive web scanner ✔️
[35] ARP poisoning tool ✔️
[36] Application that creates random shortcuts on screen ✔️
[37] Application to encrypt a file ✔️
[38] Develop a Ransomware application ✔️
[39] Spam Email sender ✔️
[40] HTTP server for phishing ✔️
[41] Honeypot creator ✔️
[42] Application that connects to the Tor Network ✔️
[43] IRC Server ✔️
[44] Packet Capture tool ✔️

Level 4 Data analysis, payloads and more networking Exemple
[45] Packet Data analysis ✔️
[46] Packet image analysis with OpenCV ✔️
[47] Develop a hexdump tool ✔️
[48] Payload that moves the mouse cursor ✔️
[49] Vigenère Cipher ✔️
[50] Payload that starts automatically using Windows Regedit ✔️
[51] Payload that starts as a daemon ✔️
[52] Payload that retrieves browser information ✔️
[53] Link generator ✔️
[54] ASCII Name generator ✔️
[55] Full chat server with private messages, file and image transfer ✔️
[56] Simple firewall ✔️
[57] Gateway ✔️
[58] Powershell payload generator ✔️
[59] Bash payload generator ✔️
[60] Subdomain enumerator ✔️
[61] DNS Enumerator ✔️
[62] Your own interpreter nah, this crazy, the tutorials go up to part 23 for the most basic ones. smh
[63] Develop a Worm ✔️
[64] Server for DDOS ✔️
[65] Implement an IP Tracker ✔️
[66] BurpSuite extender
[67] Develop a Trojan ✔️ (Will not post, as it is currently FUDAF and stack with layers of encryption so deep it wouldn't be valuable)
[68] Man In The Browser tool (kind of) ✔️
[69] Process monitor (Windows and Linux) ✔️✔️
[70] Windows token privilege escalation tool

Level 5 Cryptography, Reverse Engineering and Post exploitation Exemple
[71] Develop a code injection tool ✔️
[72] Develop a Worm with auto replication over email ✔️
[73] Simple Disassembler ✔️
[74] Server for DDoS with multi-staged operations and multi-threaded handling of clients
[75] Password hash cracker ✔️
[76] Direct code injection exploit CVE-2023-3275 Discovered by me (@scumdestroy) 👑🐜🐞🪰
[77] Android daemon payload
[78] Browser exploitation tool
[79] Simple tool for Reverse Engineering ✔️
[80] Script for OS enumeration (after shell) ✔️ ✔️
[81] RSA Payload generator ✔️
[82] Handshake capture ✔️
[83] Wifi monitor ✔️
[84] Buffer Overflow exploit ✔️
[85] Stack Overflow exploit
[86] Banner exploit ✔️
[87] ISS Exploit ✔️
[88] Wifi de-authentication attack (DoS) tool ✔️
[89] Badchar detector ✔️
[90] Firewall detector ✔️
[91] Exploitation Framework ✔️ 🔥 https://github.com/scumdestroy/ArsonAssistant 🔥
[92] Botnet with SSH C&C and automatic server backup to prevent loss of control
[93] Windows enumeration tool ✔️
[94] Application information gathering (after shell) ✔️
[95] Recreate TCPDUMP ✔️
[96] Bluetooth exploit ✔️
[97] Windows Blue Screen Exploit ✔️
[98] Encoded exploit ✔️ (double kill, the AV bypassing payload mentioned in the line below is encoded and armed with other tricks too)
[99] Antivirus evasion application ✔️ (complete, but won't post here, as it would soon fail to evade any AV)
[100] Your own metasploit module ✔️ (a couple exist in my repo, "Pentester scripts for dangerous boys")

About

Attempt to grind out the 100 offsec project challenges, conceptualized by github user, @kurogai, at his repo [https://github.com/kurogai/100-redteam-projects]

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published