Outflank Security Tooling

Strengthening your red team with effective
tools, tradecraft, and a vetted community

Outflank Security Tooling (OST) is a broad set of evasive tools that cover every step in the attacker kill chain to effectively emulate real-world attack scenarios, enabling red teams to bypass advanced defensive measures and assess organizational resilience. It not only simplifies complex tasks, but also fosters a vibrant community for sharing and discussing the latest tradecraft, ensuring red teams remain at the forefront of offensive security.

As seasoned red teamers, the Outflank team has observed first-hand that modern red teams benefit most from cutting-edge tools when they are paired with broad support that allows them to create authentic, advanced adversary simulations. OST provides just that: a full set of dynamic resources for red teams, equipping them with the tools, expertise, and network needed to tackle the modern defensive landscape.

The Outflank Approach:
Tooling, Tradecraft, & Community

The efficacy of Outflank Security Tooling (OST) is based on three foundational elements to bolster red team efforts: the swift development of cutting-edge tools, sharing tradecraft, and fostering a vibrant user community.

TOOLS

OST is intended to cover every step of an engagement, from gaining an initial foothold to data exfiltration. This expanding, ample toolset contains over 30 tools that vary both in size and functionality. Cornerstone tools include:

  • Outflank C2 (formerly Stage1) – An optimized, OPSEC focussed custom C2 framework with support for implants on Windows, macOS and Linux
  • Payload Generator – A tool for creating advanced, OPSEC focussed payloads which can be used for every stage of an engagement. Bypass specific EDRs by the use of ‘EDR presets’ known sets of configuration parameters that bypass specific EDRs.
  • Lateral Pack – A tool facilitating evasive lateral movements in a target environment
  • SharpFuscator – A custom .NET obfuscator that offers enhanced stealth capabilities
  • Hidden Desktop – A tool enabling covert interaction on a target’s desktop  
  • PhisherPrice – A tool for quick and easy phishing for EntraID Device Codes

OST also includes many more tools of varying functionality and impact.

A full list of tools and their descriptions is available here.

TRADECRAFT

The team regularly offers technical deep dives which are recorded and available through the OST portal. Topics include quarterly updates, overview of current research projects, and broader discussions on relevant security topics. Past topics include: EDR evasion, Office security tradecraft, PowerShell Tradecraft, OPSEC tricks for attacking Azure AD with ROADtools, and a deep dive into Windows Kernel Drivers. Users have exclusive access to these live sessions as well as their recordings. More information on OST’s extensive tradecraft offerings is available here.

VETTED COMMUNITY

OST users are given access to a private Slack channel where they can safely interact with other operators and the Outflank team. It serves as a hub that facilitates collaboration, shared learning, and knowledge exchange with fellow red teamers. More information on the benefits of joining the OST community is available here.

Robust Research and Rapid Development Pace

OST has a high pace of development in order to keep in step with and ahead of advancements being made by adversarial groups and advanced cybercriminals. Our commitment to innovation has resulted in an average release every two weeks, which contains OPSEC improvements, bug fixes, and new tradecraft, along with one to two new tools per quarter. These tools allow red teamers to offer realistic engagements that simulate the latest attack techniques and relevant threats. A timeline of new tools and updates allows users to stay up-to-date on the latest releases as well as track the growth of the toolset.

The Outflank team is also dedicated to continuous improvement and regularly releases updates to enhance existing tools. An essential element of these updates is the incorporation of user feedback, which allows us to utilize real-world testing results from the user community, as well as from our own engagements. This ensures that tools remain reliable and effective in different environments and evolve in ways that are valuable to active red teamers.

To complement the research and development from our own specialists, we also exclusively contract with external offensive security specialists to provide additional research and enhancements to our tools.

Tool Delivery & Support

Available via online portal and Slack

OST is accessible to users via an online portal that provides easy access, thorough technical and operational documentation, continuous updates, and new tool additions.

Tool support is given via Slack. The Outflank team monitors this private user community to provide support.

OST is offered in a subscription model. Screening and export regulations rules apply.

Interoperability with Cobalt Strike and Other C2s

FortraAt Outflank we understand that your red team operations may require the use of a multitude of C2s. That is why OST is intended to work with other C2 frameworks to enable red teams to maximize their engagements by offering a broader spectrum of attack vectors and methodologies. This versatility is crucial for accurately simulating the tactics, techniques, and procedures of real-world adversaries, who often employ a wide range of tools and approaches to achieve their objectives.

OST was especially developed to work in tandem with Cobalt Strike, the well-established adversary simulation solution.  Cobalt Strike’s mature, adaptable C2 framework allows a red teamer to simulate the tactics and techniques of an advanced, embedded attacker. OST integrates directly with Cobalt Strike in multiple ways:

  • OST tools like Payload Generator, Outflank C2 and Beacon Booster can take raw CS payloads from Cobalt Strike and other C2 frameworks and obfuscate it to improve their OPSEC.
  • Other tools of OST that come in BOF form can be loaded into Cobalt Strike and other C2 frameworks directly to enhance its usability.

Red teams can now take full advantage of OST’s interoperability with Cobalt Strike using the Red Team Bundle, which combines these two security assessment solutions for a discounted price.

Get Started

For more information about OST, you can view our datasheet here. Follow us on Twitter where we periodically illustrate some of our tools, or schedule a live demonstration.

WATCH DEMO VIDEOS

View a series of short demo
videos showcasing our tools.

SCHEDULE A LIVE DEMO

Receive a live demonstration of
Outflank Security Tooling.

REQUEST PRICING

Start the purchase process
by requesting a quote.

Run better red team operations with our toolkit

Reach out to us »

Other services

We provide you with the best experts and aim for the highest quality.

Training

Improve the skills and
knowledge of your
security team.

Learn more »

Red teaming and
attack simulation

Prepare your organisation
for real digital attacks.

Learn more »