Red Team
The red team simulates the TTP’s of a most likely adversary and tries to get at the crown jewels (usually a flag).
These are writeups made from our adventures in the forest, huge and wild, a digital landscape formed by nature’s own processes and humanoid activities and neglect throughout decades.
In
- The lodge (environments, testlabs, and tools used)
- Falconry (information gathering, initial port scanning)
- Lay of the land (enumeration, identifying vulnerabilities)
- A foothold in the cloud (attack infrastructure as code)
- A pocketful of acorns (physical attacks)
- A canopy of apple-blossom (web application hacking)
- API mayhem (hacking APIs)
- Head in the clouds (hacking cloud applications)
- Riches in the ground (network attacks)
- A vast amphibious wilderness of swamp and forest (IoT)
Through
- The grove (for a simplified impression)
- Monkeys know which trees to climb (exploitation and escalation)
- Woodpeckers (buffer overflow exploits)
- Nature's cheats (evasion techniques)
- Beyond the readable (cryptanalysis)
- Cracking nuts (binary analysis)
- Forest fire (a red teaming trail)
- Mythical blue lake (Active Directory hacks)