בס״ד

<div align="center"> <h2 align="center"><a href="https://github.com/Anlominus">⚜️ Aภl๏miuภuຮ ⚜️</a></h2> <img align="center" width="100" src="https://user-images.githubusercontent.com/51442719/172729066-1293d382-4a31-4f03-8c23-ab0ea5f611a0.png">

HacKingPro<br>TryHackMe | KoTH<br>Privilege-Escalation<br>ScanPro | Linfo | Diablo<br>Offensive-Security | PenTest<br>Goals | Studies | HacKing | AnyTeam<br>

</div>
<div align="center">

RedTeam

<a href=""><br><img title="Made in ISRAEL" src="https://img.shields.io/badge/MADE%20IN-ISRAEL-blue?style=for-the-badge"></a>


RedTeam - Red Team Tools

RED TEAM DEVELOPMENT CHECKLIST


MITRE ATT&CK | OST Map | ATT&CK Navigator | Atomic Red Team

</div>

| Cyber Kill Chain | MITRE ATT&CK |
| --- | --- |
| Recon | Reconnaissance |
| Weaponization | Execution |
| Delivery | Initial Access |
| Exploitation | Initial Access |
| Installation | Persistence / Defense Evasion |
| Command & Control | Command and Control |
| Actions on Objectives | Exfiltration / Impact |

Concept of Operation (CONOPS)

There is no set standard for a CONOPS document.

Below is an outline of critical components that should be included in a CONOPS.

Resource Plan

Mission Plan

PLANNING - RED TEAM ENGAGEMENT CHECKLIST

RED TEAM ENGAGEMENT GOAL PLANNING

COMMON GOALS: MEASURE AND OBSERVE ...


Rules of Engagement (RoE)


<div align="center">

Campaign planning

The campaign summary we will be using consists of four different plans, varying in depth and coverage, adapted from military operations documents.

| Type of Plan | Explanation of Plan | Plan Contents |
| --- | --- | --- |
| Engagement Plan | An overarching description of technical requirements of the red team. | CONOPS, Resource and Personnel Requirements, Timelines |
| Operations Plan | An expansion of the Engagement Plan. Goes further into specifics of each detail. | Operators, Known Information, Responsibilities, etc. |
| Mission Plan | The exact commands to run and execution time of the engagement. | Commands to run, Time Objectives, Responsible Operator, etc. |
| Remediation Plan | Defines how the engagement will proceed after the campaign is finished. | Report, Remediation consultation, etc. |

Engagement Plan:

| Component | Purpose |
| --- | --- |
| CONOPS (Concept of Operations) | Non-technical overview of how the red team meets client objectives and targets the client. |
| Resource plan | Includes timelines and the information the red team needs to be successful, plus any resource requirements: personnel, hardware, cloud requirements. |

Operations Plan:

| Component | Purpose |
| --- | --- |
| Personnel | Information on employee requirements. |
| Stopping conditions | How and why the red team should stop during the engagement. |
| RoE (optional) | - |
| Technical requirements | What knowledge the red team will need to be successful. |

Mission Plan:

| Component | Purpose |
| --- | --- |
| Command playbooks (optional) | Exact commands and tools to run, including when, why, and how. Commonly seen in larger teams with many operators at varying skill levels. |
| Execution times | Times to begin stages of engagement. Can optionally include exact times to execute tools and commands. |
| Responsibilities/roles | Who does what, when. |

Remediation Plan (optional):

| Component | Purpose |
| --- | --- |
| Report | Summary of engagement details and report of findings. |
| Remediation/consultation | How will the client remediate findings? It can be included in the report or discussed in a meeting between the client and the red team. |

</div>



Tools

Shr3dKit Red Team Tool Kit


This tool kit is very much influenced by infosecn1nja's kit. Use this script to grab the majority of the repos.

NOTE: hard coded in /opt and made for Kali Linux