Introduction
In today’s ever-evolving threat landscape, red teams are expected to replicate the tactics of sophisticated adversaries while maintaining stealth and efficiency.
To meet these demands, organisations need more than just talent—they need the right tools. Fortra’s Outflank Security Tooling (OST) is designed to deliver exactly that: a powerful suite of offensive security tools, built by professional red teamers for use in real-world engagements.
Outflank Security Tooling (OST) is an essential toolkit for anyone involved in Red teaming, Penetration testing, or Vulnerability assessment.
Download slides for a business case for OST.
OST is a powerful toolbox made by red teamers for red teams.
OST is a dynamic and constantly evolving toolkit created by the experts at Outflank. Every member of the team has over a decade of hands-on red teaming experience, and their deep operational knowledge is reflected in every tool they produce.
Rather than relying on public repositories or spending excessive budgets building tools from scratch, organisations can now access this arsenal of capabilities through a single subscription.
This toolkit isn’t just a collection of scripts or proof-of-concept exploits. It’s a carefully developed platform that covers every phase of the attack chain that help with initial compromise, command and control (C2), lateral traversal and clean-up.
Watch OST Demo Videos. The tools in OST are categorised along the phases of a typical attack kill chain, In Phase, Through Phase and Out Phase.
The OST toolset is under continuous development.
OST includes a comprehensive suite of tools designed to help you identify and exploit vulnerabilities in your organisation’s systems and networks.
With OST, they bundle their internal tools for red teaming, adversary simulation or advanced penetration testing services. The toolkit provides shortcuts for hard stages like initial access, EDR evasion and OPSEC-safe lateral movement. OST includes techniques that have not yet been published or weaponised by other red teams.
There are currently 25+ tools available. These tools allow you to simulate similar techniques to what some APTs and Organized Crime Groups apply but are not available in public tools. OST tools are explicitly developed to bypass defensive measures and detection tools.
What makes OST particularly valuable is its ability to remain ahead of the curve.
Whether you’re conducting a penetration test, simulating an advanced persistent threat, or stress-testing a blue team’s detection capabilities, OST provides realistic, evasive methods that closely mirror those used by real-world threat actors.
Many of the included techniques are not available in public tools and have yet to be widely weaponised by other red teams.
The toolkit is updated frequently, with multiple releases, ensuring that subscribers always have access to the latest offensive tradecraft. This constant innovation removes the burden of in-house R&D, which can be costly and difficult to maintain—especially given the talent shortage in both red teaming and offensive development roles.
Download an Outflank Security Tooling summary PDF.
Integrations with other Fortra solutions.
One of the key strengths of OST is how seamlessly it integrates with other Fortra solutions, including Cobalt Strike and Core Impact.
This compatibility allows red teams to expand their capabilities without overhauling their existing workflows. Tasks that are typically time-consuming—like password cracking, network reconnaissance, or post-exploitation—can be automated, allowing teams to focus their efforts on complex, high-value aspects of their engagements.
By using OST, organisations can focus on their operational costs and productivity gains.
Even with the right personnel, in-house teams often struggle to produce more than a handful of tools annually due to the sheer complexity of the work. OST eliminates these barriers, offering cost-efficiency and scalability that are hard to match.
OST enables teams to stay ahead of defensive advancements, mitigates the risks associated with staff turnover, and ensures consistent service delivery, factors that contribute to higher client satisfaction and retention.
The OST toolkit includes everything from an Office Intrusion Pack for spear-phishing simulation, to the Sharpfuscator tool transforming (.NET) code in a way that hides its true behaviour from an antivirus or endpoint detection system allowing red-team operations to run their .NET components without triggering security defenses, to a FakeRansom, which delivers the psychological impact of a ransomware attack without the actual risk.
With OST, you can automate tedious and time-consuming tasks, such as password cracking, network reconnaissance, and post-exploitation, so you can focus on more complex and high-value activities.
Let us know if you want to receive an invitation to the next OST webinar to get your very own introduction and demonstration of the power of Outflank Security Tooling.