Introduction¶

What?¶

Simulating hacker-style attacks on network assets to detect and exploit security misconfiguration, network vulnerabilities, and threats like open ports, vulnerable devices, or outdated software running on the network.

Why?¶

To build experience with threat intelligence and network penetration testing to replicate accurately a full scenario of a targeted attack against an entire organisation including people, processes and technologies.

How?¶

• Attacktive directory

• Attacking kerberos

Counter moves¶

Introduction is the variant in play. The same network hygiene applies under exercise conditions: segmentation, filtering, and monitoring. Seen from the other side, this sits in the blue notes on traffic patterns as evidence.