A Red Team works in a covert manner on a focused target of testing using “extreme” techniques.
According to DoDD 8570.1, a Red Team is: “An independent, focused threat-based effort by an interdisciplinary, simulated adversary to expose and exploit vulnerabilities to improve IS security posture.”
We have an experienced Red Team with skills in several areas of penetration testing.
A Red Team exercise is an authorized, adversary-based assessment for defensive purposes, and may include:
- Developing attack vectors
- Performing reconnaissance or stake-out
- Collecting open-source intelligence
- Footprinting system networks and services
- Developing exploit payloads to gain entry and escalate privileges, likely through:
- Software errors (bugs, buffer overflows, unhandled input, race conditions)
- System mis-configuration (default settings, backdoors, security holes)
- Sniffing (network and protocol monitoring)
- Password cracking
- Operating system or protocol mis-configuration
- Social engineering
- Performing system monitoring or capture a “flag”
- Developing backdoors, manipulate audit logs, etc.
- Developing extensive reporting to detail problem areas to be addressed