100 Days of Red Team

100 Days of Red Team

Home
Red Team Training
GitHub
YouTube
Uday Mittal's Substack
About
Using Velociraptor as C2
Velociraptor repurposed as C2: explore its powers, risks, and real-world misuse in red team operations.
  
Uday Mittal
Misusing SaaS app integrations for persistence
Learn how attackers abuse SaaS integrations for hidden persistence and re-entry into enterprise environments.
  
Uday Mittal
Red Team perspective on AWS VPC Lattice
Exploring AWS VPC Lattice and how attackers could abuse it for stealth, movement, and hidden access paths.
  
Uday Mittal

June 2025

The Art of Pretext: Building better backstories for social engineering - Part 3
Learn how to create research-backed, believable pretexts for social engineering ops.
  
Uday Mittal
The Art of Pretext: Building better backstories for social engineering - Part 2
Explore the key elements of a strong pretext that help red teams create convincing and resilient personas.
  
Uday Mittal
The Art of Pretext: Building better backstories for social engineering - Part 1
Learn why strong pretexts are vital for social engineering success and discover reasons why certain pretexts fail.
  
Uday Mittal
Abusing the AWS metadata API for privilege escalation
Learn how to leverage the AWS Metadata API to extract IAM role credentials and escalate privileges after compromising an EC2 instance.
  
Uday Mittal

May 2025

Ghost in the cloud: Abusing AWS SSM sessions for covert access
Learn how red teamers can abuse AWS SSM Session Manager to gain shell access to EC2 instances without SSH, public IPs, or open ports and escalate…
  
Uday Mittal
Red Team Infrastructure - Configure a domain name and SSL certificate via Terraform
Learn how to map the redirector machine to a domain name and configure a valid SSL certificate via Terraform.
  
Uday Mittal
Red Team Infrastructure - Deploying a redirector via Terraform
Learn how to deploy and configure a redirector machine in AWS via Terraform.
  
Uday Mittal
Red Team Infrastructure - Deploying Havoc C2 via Terraform
Learn how to deploy Havoc C2 (team server and client) in AWS via Terraform.
  
Uday Mittal
Red team infrastructure - EC2 Windows Server deployment with Terraform
Learn how to deploy a Windows Server 2022 EC2 instance via Terraform and install additional tools such as WSL, Python, C# etc.
  
Uday Mittal
© 2025 Uday Mittal
PrivacyTermsCollection notice
Start writingGet the app
Substack is the home for great culture