Red Teaming is one of the most attractive fields in offensive security or ethical hacking. Every day professionals and students are learning, creating and exploiting all types of systems.
The internet is not only the most common means through which people interact and chat, but also a place where they are constantly exposed to a world where anyone can be monitored, exploited, tracked or scammed.
This is why us, programmers, take action; several of us continually try to protect this wonderful place while others, out of immaturity or shrewd interests, act in just the opposite direction.
If youβre interested in this field and want to join it, no matter your current level of knowledge, learning how to create your own tools will result in great advantage as a pentester.
So I put some thought into it and got the idea to create this project list aimed at anyone who is interested in learning βhow toβ not become the ultimate script kiddie.
Here I discriminate (based solely on my own experience) almost 100 types of projects that you should at least try to either implement or study.
I recommend you to do them on the programming language you are most comfortable with. Implementing these projects will definitely help you gain more experience and, consequently, master the language.
They are divided in categories, ranging from super basic to advanced projects.
If you enjoy this list please take the time to recommend it to a friend and follow me! I will be happy with that π
And remember: With great power comes⦠(we already know).
| Level 1 | Basic | Example |
|---|---|---|
| [0] | TCP or UDP server just to receive messages | βοΈ |
| [1] | TCP chat server | βοΈ |
| [2] | UDP chat server | βοΈ |
| [3] | Multi-threaded UDP or TCP chat server | βοΈ |
| [4] | Server for file transfers | βοΈ |
| [5] | Caesar Cipher tool | βοΈ |
| [6] | TCP chat server -> The messages should be encoded with Caesar Cipher | β |
| [7] | ROT13 Cipher | βοΈ |
| [8] | UDP Chat server -> The messages should be encoded with ROT13 Cipher | β |
| [9] | Remote command execution | βοΈ |
| [10] | Recreate the Netcat tool | βοΈ |
| Level 2 | Essential | Example |
|---|---|---|
| [11] | Simple port scanner | βοΈ |
| [12] | Port scanner with OS fingerprint using TTL (Time To Live) | β |
| [13] | Port scanner with port footprint (HTTP? DNS? FTP? IRC?) | β |
| [14] | Simple Web Directory brute-forcer (Threaded) | βοΈ |
| [15] | Recursive Web Directory brute-forcer (Threaded peer recursion) | βοΈ |
| [16] | Web Login bruteforce tool | β |
| [17] | FTP Login bruteforce tool | β |
| [18] | SSH Login bruteforce tool | βοΈ |
| [19] | FTP User footprint | β |
| [20] | MYSQL User footprint | β |
| [21] | Simple Google Bot for web scan | β |
| [22] | Auto website comment bot | β |
| [23] | Auto website message bot | β |
| [24] | Web-scrapping using Regex | β |
| [25] | Bot to collect information about someone using Google / Bing / Yahoo! | βοΈ |
| [26] | Simple SQLi tester | β |
| [27] | Simple XSS tester | β |
| [28] | Simple WordPress brute-forcer | β |
| [29] | SQLi database retriever | β |
| [30] | Spam creator | β |
For more information click here.
This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out…
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks…
Discover your application security risks and vulnerabilities in only a few minutes. In this guide…
The idea behind waymore is to find even more links from the Wayback Machine than…
The Pycript extension for Burp Suite is a valuable tool for penetration testing and security…
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and…