A Powerful Toolbox Made by Red Teamers for Red Teams

Outflank Security Tooling (OST) is a broad set of tools created by the red teaming specialists at Outflank. For years we have researched and developed powerful tools. Some of these tools we have shared with the public. Several others are too powerful for public release.

With OST, we bundle our internal tools and make these available as a service to others providing high-end offensive security services: red teaming, adversary simulation or advanced penetration testing services.

These tools allow you to simulate similar techniques to what some APTs and Organized Crime Groups apply but are not available in public tools. They also help all your team members to easily perform deep-technical and difficult tasks without hassle, with a guaranteed level and OPSEC safe. OST tools are explicitly developed to bypass defensive measures and detection tools.

OST will make your offensive security team perform more efficient.

Read the blog post on the OST release >

Get a Demo of OST

If you would like to see the OST toolkit in action, live demos are performed upon request. Complete the form and we’ll reach out to schedule a time that is most convenient for you.

OST Benefits for Your Red Team

Using the OST service has several benefits for your offensive team, including:

  1. Time Savings and Cost Efficiency: OST is continuously updated with new offensive Techniques and Procedures by a team of hackers and developers. This saves you significant time developing and maintaining a full internal toolkit.
  2. Intelligent Tools You Can Trust: The toolkit is developed and used by Outflank specialists. We hire some of the smartest people in the industry. They spend much time on research & development. We put this into a readily available toolkit built for performing in mature and sensitive target environments. This means your team can quickly upgrade their knowledge, technology and operations. Supported with extensive documentation, your team will know exactly what the tools do.
  3. Safely Increase Fire Power on Full Kill Chain: Smaller teams can punch above their weight by leveraging external development power. Our toolkit provides your team with shortcuts for hard stages like initial access, EDR evasion and OPSEC-safe lateral movement. OST includes techniques that have not yet been published or weaponized by other red teams.
  4. Compatibility with Other Red Team Tools: OST was developed to work in tandem to work with Fortra’s advanced adversary simulation tool, Cobalt Strike. Those with both Cobalt Strike and OST can take advantage of features that extend the reach of these two tools to further enhance testing efforts.

What’s In the Toolkit?

OST regularly adds new tools to provide the most effective solution possible. A sample of the current tooling includes:


Payload generator

Generate advanced and unique payloads. This tool contains a multitude of OPSEC and anti-forensic features to help you evade antivirus and EDR products. Easy to use for all your team members.


Office Intrusion Pack

Use high quality offensive macros for phishing with MS Office documents. This tool is built on our latest research and contains various non-public techniques to succeed in establishing initial access.


Stego loader

Hide your payloads in pictures using steganography. Just like some of the well-known APT groups do (e.g. APT29 and Turla).


Lateral pack

Stay under the radar of EDR products when moving lateral. This set of tools uses various modern and unpublished techniques.


Stage 1

Our pre-C2 toolkit. Perform OPSEC safe actions such as recon. Make an informed decision before increasing your footprint and smuggle full C2 frameworks such as Cobalt Strike, Mythic or Covenant past antivirus and EDR products.



Hidden interaction with your target’s desktop. It’s like magic. You can move the mouse and open GUI applications on a hidden desktop on the target machine. Don’t be fooled, this is so much more than VNC or RDP. The user can continue working. He has no indication of your presence. Perfect for post-exploitation actions on objectives, such as gaining access to a fat client payment application.

Red Team Bundles

Red teams can now take full advantage of OST’s interoperability with Cobalt Strike using the Red Team Bundle. Cobalt Strike’s mature, adaptable C2 framework allows a red teamer to simulate the tactics and techniques an advanced, embedded attacker. OST integrates directly with Cobalt Strike through BOFs and reflective DLL loading techniques, providing an OPSEC safe way to efficiently perform highly technical and difficult post-exploitation tasks.

Red teams can further expand their testing tool stack with Core Impact, an automated pen testing solution ideal for for exploitation and lateral movements in various environments. The Advanced Red Team Bundle combines OST, Cobalt Strike, and Core Impact, all three of which can interact with one another during engagements using session passing and tunneling capabilities.

Both bundles allow you to combine these security assessment solutions for a discounted price, simplifying security and centralizing your offensive strategy.

About Outflank

Outflank is a team of highly experienced professional security testers specializing in complex security engagements. They offer a range of expert services including advanced red teaming engagements, penetration tests, security training, and consulting. Based in Amsterdam, the team of experts works with prominent financial institutions, multinational firms and other parties. In 2021, they assembled and released Outflank Security Tooling (OST), a broad set of internal tools that have been carefully developed and maintained by members the Outflank team. Outflank has recently joined Fortra and will strongly complement and enhance Fortra’s expansive offensive security portfolio of vulnerability managementpenetration testing, and red teaming/adversary simulation solutions, all geared towards helping customers evaluate and prevent risk from many angles.

Learn More About OST

Visit the Outflank site to get more details on OST and the services the Outflank team offers.