ReddRadar
Topic: red-team
873 skills in this topic.
-
browser-exploitation
Exploit browser-based attack surfaces: malicious extension crafting for bot interaction scenarios, Chrome DevTools Protocol abuse on exposed debug ports, and browser profile/cache data extraction from compromised hosts.
blacklanternsecurity/red-run 126
-
command-injection
Guide OS command injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
cors-misconfiguration
Exploit CORS (Cross-Origin Resource Sharing) misconfigurations during authorized penetration testing.
blacklanternsecurity/red-run 126
-
csrf
Exploit Cross-Site Request Forgery (CSRF) vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
deserialization-java
Exploit Java deserialization vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
idor
Exploit Insecure Direct Object Reference (IDOR) and broken access control vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
jwt-attacks
Exploit JWT (JSON Web Token) vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
lfi
Guide Local File Inclusion (LFI) and Remote File Inclusion (RFI) exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
oauth-attacks
Exploit OAuth 2.0 and OpenID Connect vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
password-reset-poisoning
Exploit password reset vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
php-code-injection
Exploit PHP code evaluation injection via eval(), assert(), preg_replace /e, create_function(), call_user_func(), usort() callbacks, and runtime function creation (runkit, uopz). Distinct from OS command injection (shell operators) and SSTI (template engines) — this targets direct PHP code evaluation of user input.
blacklanternsecurity/red-run 126
-
python-code-injection
Exploit Python eval(), exec(), and compile() injection in web applications. Distinct from OS command injection (shell operators) and SSTI (template engines) — this targets direct Python code evaluation of user input.
blacklanternsecurity/red-run 126
-
request-smuggling
Guide HTTP request smuggling exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
smb-share-webshell
Deploy webshells to IIS, Apache, or Tomcat web roots via SMB share write access. Use when a domain user has write access to a file share that maps to a web server's document root — write a webshell via smbclient/net use, then trigger it via HTTP for RCE. Covers PHP, ASPX, and JSP webshells, .NET impersonation for same-host lateral movement, and internal site discovery.
blacklanternsecurity/red-run 126
-
source-code-review
Security-focused source code review. Identifies hardcoded credentials, injection sinks, authentication weaknesses, and framework-specific vulnerabilities. Use when application source code is available for review.
blacklanternsecurity/red-run 126
-
sql-injection-error
Guide error-based SQL injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
sql-injection-stacked
Guide stacked query SQL injection and second-order injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ssrf
Guide server-side request forgery (SSRF) exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ssti-freemarker
Guide Freemarker/Java server-side template injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ssti-jinja2
Guide Jinja2/Python server-side template injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ssti-twig
Guide Twig/PHP server-side template injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
tomcat-manager-deploy
Deploy WAR files via Apache Tomcat Manager for remote code execution. Use when Tomcat Manager is accessible with valid credentials (manager-script or manager-gui role). Covers WAR generation, deployment via text API and HTML interface, reverse shell delivery, and cleanup. Common initial access vector after credential discovery via LFI, default creds, or config file exposure.
blacklanternsecurity/red-run 126
-
web-discovery
Discover web application injection points and route to the correct exploitation skill during authorized penetration testing.
blacklanternsecurity/red-run 126
-
xss-reflected
Guide reflected XSS exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126