# Red Team - [Attack Infrastructure](https://www.vincentyiu.com/red-team/attack-infrastructure.md) - [CloudFlare for IP Address Filtering](https://www.vincentyiu.com/red-team/attack-infrastructure/cloudflare-for-ip-filtering.md): Filter IP addresses for common security solutions - [Azure Apps for Command and Control](https://www.vincentyiu.com/red-team/attack-infrastructure/azure-apps-for-command-and-control.md): Azure Apps are often subject to subdomain takeovers, or you might even want to use Azure Apps for Command and Control! - [CobaltSplunk](https://www.vincentyiu.com/red-team/attack-infrastructure/cobaltsplunk.md) - [Backdooring PE Files](https://www.vincentyiu.com/red-team/archived.md) - [Backdoor 101](https://www.vincentyiu.com/red-team/archived/backdoor-101.md) - [Backdoor 102](https://www.vincentyiu.com/red-team/archived/backdoor-102.md) - [Backdoor 103](https://www.vincentyiu.com/red-team/archived/backdoor-103.md) - [Cloud Security](https://www.vincentyiu.com/red-team/cloud-security.md) - [CloudFront Domain Hijacks under Attack](https://www.vincentyiu.com/red-team/cloud-security/cloudfront-domain-hijacks-under-attack.md) - [Vultr Domain Hijacking](https://www.vincentyiu.com/red-team/cloud-security/vultr-domain-hijacking.md) - [CloudFlare for Command and Control](https://www.vincentyiu.com/red-team/cloud-security/cloudflare-for-command-and-control.md) - [Command and Control](https://www.vincentyiu.com/red-team/domain-fronting.md) - [TryCloudFlare Infrastructure and Domain Fronting](https://www.vincentyiu.com/red-team/domain-fronting/trycloudflare-infrastructure-and-domain-fronting.md): Use TryCloudFlare's free service for reverse NAT tunnels, and at the same time, domain front to hide the real identity of the server. - [Domain Fronting using StackPath CDN](https://www.vincentyiu.com/red-team/domain-fronting/domain-fronting-using-stackpath-cdn.md): A guide to setting up domain fronting, and exploring additional quirks that StackPath can provide. - [HAMMERTHROW: Rotate my domain](https://www.vincentyiu.com/red-team/domain-fronting/hammerthrow-rotate-my-domain.md): HAMMERTHROW is an aggressor script for CobaltStrike that rotates your command and control domains automatically. - [Domain Fronting via. CloudFront Alternate Domains](https://www.vincentyiu.com/red-team/domain-fronting/domain-fronting-via.-cloudfront-alternate-domains.md) - [Validated CloudFront SSL Domains](https://www.vincentyiu.com/red-team/domain-fronting/validated-cloudfront-ssl-domains.md) - [Domain Fronting: Who Am I?](https://www.vincentyiu.com/red-team/domain-fronting/domain-fronting-who-am-i.md) - [Host Header Manipulation](https://www.vincentyiu.com/red-team/domain-fronting/host-header-manipulation.md) - [Finding Target-relevant Domain Fronts](https://www.vincentyiu.com/red-team/domain-fronting/finding-target-relevant-domain-fronts.md) - [Alibaba CDN Domain Fronting](https://www.vincentyiu.com/red-team/domain-fronting/alibaba-cdn-domain-fronting.md) - [TOR Fronting — Utilising Hidden Services to Hide Attack Infrastructure](https://www.vincentyiu.com/red-team/domain-fronting/tor-fronting-utilising-hidden-services-to-hide-attack-infrastructure.md) - [General Exploitation](https://www.vincentyiu.com/red-team/cve-exploitation.md) - [Payload Generation with CACTUSTORCH](https://www.vincentyiu.com/red-team/cve-exploitation/payload-generation-with-cactustorch.md) - [Exploiting CVE-2017–8759: SOAP WSDL Parser Code Injection](https://www.vincentyiu.com/red-team/cve-exploitation/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection.md) - [Exploiting CVE-2017–0199: HTA Handler Vulnerability](https://www.vincentyiu.com/red-team/cve-exploitation/exploiting-cve-2017-0199-hta-handler-vulnerability.md) - [F# Shellcode Execution](https://www.vincentyiu.com/red-team/cve-exploitation/f-shellcode-execution.md) - [Bypassing Gmail Attachment Virus Check](https://www.vincentyiu.com/red-team/cve-exploitation/untitled.md): Bypass Gmail's Attachment Virus Check for PowerShell Macros - [IPFuscation](https://www.vincentyiu.com/red-team/cve-exploitation/ipfuscation.md) - [Hardware and Gadgets](https://www.vincentyiu.com/red-team/hardware-and-gadgets.md) - [USBNinja](https://www.vincentyiu.com/red-team/hardware-and-gadgets/usbninja.md) - [Aorus Gaming Box for Password Cracking](https://www.vincentyiu.com/red-team/hardware-and-gadgets/aorus-gaming-box-for-password-cracking.md) - [Proxmark Adventures 101](https://www.vincentyiu.com/red-team/hardware-and-gadgets/proxmark-adventures-101.md) - [Poor man’s guide to Raspberry Pi initial installation](https://www.vincentyiu.com/red-team/hardware-and-gadgets/untitled-1.md): Install Raspberry Pi without a monitor - [Post Exploitation](https://www.vincentyiu.com/red-team/post-exploitation.md) - [Introducing ANGRYPUPPY](https://www.vincentyiu.com/red-team/post-exploitation/introducing-angrypuppy.md) - [RDPInception](https://www.vincentyiu.com/red-team/post-exploitation/rdpinception.md) - [VLAN Attacks](https://www.vincentyiu.com/red-team/post-exploitation/vlan-attacks.md): Quick reference to attacking VLANs - [Reconaissance](https://www.vincentyiu.com/red-team/reconaissance.md) - [Reconnaissance using LinkedInt](https://www.vincentyiu.com/red-team/reconaissance/reconnaissance-using-linkedint.md) - [DomLink — Automating domain discovery](https://www.vincentyiu.com/red-team/reconaissance/domlink-automating-domain-discovery.md) - [OffensiveSplunk vs. Grep](https://www.vincentyiu.com/red-team/reconaissance/offensivesplunk-vs.-grep.md) - [Misc](https://www.vincentyiu.com/red-team/misc.md) - [Under the wire: Trebek — Walkthrough](https://www.vincentyiu.com/red-team/misc/under-the-wire-trebek-walkthrough.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.vincentyiu.com/red-team.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.