Red Teaming is one of the most attractive fields in offensive security or ethical hacking. Every day professionals and students are learning, creating and exploiting all types of systems.
The internet is not only the most common means through which people interact and chat, but also a place where they are constantly exposed to a world where anyone can be monitored, exploited, tracked or scammed.
This is why us, programmers, take action; several of us continually try to protect this wonderful place while others, out of immaturity or shrewd interests, act in just the opposite direction.
If youβre interested in this field and want to join it, no matter your current level of knowledge, learning how to create your own tools will result in great advantage as a pentester.
So I put some thought into it and got the idea to create this project list aimed at anyone who is interested in learning βhow toβ not become the ultimate script kiddie.
Here I discriminate (based solely on my own experience) almost 100 types of projects that you should at least try to either implement or study.
I recommend you to do them on the programming language you are most comfortable with. Implementing these projects will definitely help you gain more experience and, consequently, master the language.
They are divided in categories, ranging from super basic to advanced projects.
If you enjoy this list please take the time to recommend it to a friend and follow me! I will be happy with that π
And remember: With great power comes⦠(we already know).
| Level 1 | Basic | Example |
|---|---|---|
| [0] | TCP or UDP server just to receive messages | βοΈ |
| [1] | TCP chat server | βοΈ |
| [2] | UDP chat server | βοΈ |
| [3] | Multi-threaded UDP or TCP chat server | βοΈ |
| [4] | Server for file transfers | βοΈ |
| [5] | Caesar Cipher tool | βοΈ |
| [6] | TCP chat server -> The messages should be encoded with Caesar Cipher | β |
| [7] | ROT13 Cipher | βοΈ |
| [8] | UDP Chat server -> The messages should be encoded with ROT13 Cipher | β |
| [9] | Remote command execution | βοΈ |
| [10] | Recreate the Netcat tool | βοΈ |
| Level 2 | Essential | Example |
|---|---|---|
| [11] | Simple port scanner | βοΈ |
| [12] | Port scanner with OS fingerprint using TTL (Time To Live) | β |
| [13] | Port scanner with port footprint (HTTP? DNS? FTP? IRC?) | β |
| [14] | Simple Web Directory brute-forcer (Threaded) | βοΈ |
| [15] | Recursive Web Directory brute-forcer (Threaded peer recursion) | βοΈ |
| [16] | Web Login bruteforce tool | β |
| [17] | FTP Login bruteforce tool | β |
| [18] | SSH Login bruteforce tool | βοΈ |
| [19] | FTP User footprint | β |
| [20] | MYSQL User footprint | β |
| [21] | Simple Google Bot for web scan | β |
| [22] | Auto website comment bot | β |
| [23] | Auto website message bot | β |
| [24] | Web-scrapping using Regex | β |
| [25] | Bot to collect information about someone using Google / Bing / Yahoo! | βοΈ |
| [26] | Simple SQLi tester | β |
| [27] | Simple XSS tester | β |
| [28] | Simple WordPress brute-forcer | β |
| [29] | SQLi database retriever | β |
| [30] | Spam creator | β |
For more information click here.
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…
Embark on the journey of becoming a certified Red Team professional with our definitive guide.…
This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…
This took me like 4 days (+2 days for an update), but I got it…
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…