A planning framework document designed to guide red team exercise preparation, with a focus on blue team value and learning outcomes. The document provides structured guidance for red team planning by contrasting it with methodologies that prioritize blue team development and engagement, and it emphasizes avoiding punitive approaches that could damage team morale or cohesion. The framework includes evaluation criteria for assessing whether red team planning has been thought through for maximum blue team benefit. It identifies negative motivations that should be avoided, such as proving organizational insecurity, displaying dominance, or conducting shock-and-awe demonstrations. The document stresses the importance of stakeholder engagement and leadership sponsorship for successful exercise outcomes, and it provides guidance on ensuring proper follow-up mechanisms and building momentum from exercise learnings. The planning approach deliberately avoids vulnerability enumeration exercises and basic detection mechanism testing in favor of more constructive forms of engagement.
SIMILAR TOOLS
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A YARA interactive debugger for the YARA language written in Rust, providing features like function calls, constant evaluation, and string matching.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts.
Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.
Tool for attacking Active Directory environments through SQL Server access.
Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.
Redboto is a collection of scripts for red team operations against the AWS API.
Boofuzz is a network protocol fuzzing tool that aims to fuzz everything.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.