Powered By TEKGENX CONSULTING
Views: 26Attack Simulation In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer this article which details the procedure to setup Caldera on ParrotOS. For this scenario, we will emulate the following … Read more
Views: 11Introduction MITRE Caldera is a powerful adversary emulation platform used for cybersecurity testing and red teaming. However, recent attempts to install Caldera on Ubuntu and Kali Linux have been met with issues—primarily due to the newer Python 3.13 versions. In contrast, installing Caldera on ParrotOS 6.3 (Lorikeet) has been a flawless experience. This blog … Read more
Views: 12This is the PART II article in the Atomic RED series. Please follow this link to read PART I of the series. Listing Atomic Techniques We can use the parameters – ShowDetailsBrief and ShowDetails that provide the details inside an Atomic file. The output shows that ShowDetailsBrief lists the available tests in the specified Atomic and its corresponding Atomic … Read more
Views: 16Overview What is Atomic Red Atomic Red Team is an open-source framework designed for security testing and threat emulation. It allows security professionals to simulate real-world cyberattacks and assess the effectiveness of security controls and incident response processes. Supported Platforms Atomic Red Team can be used across multiple platforms: Platform Type Supported Platforms Operating … Read more
Views: 160Adversary emulation with Caldera and Wazuh Please visit here to read PART I of this series, which explains the Caldera setup and Windows agent installation. Agent setup Deploy Agents on Linux machines Now, the lab consists of 2 Windows victims and 1 Linux victim, as reported by Caldera below. Configure Sysmon on Windows victims … Read more
Views: 109CALDERA™ is an open-source framework designed to run autonomous adversary emulation exercises efficiently. It enables users to emulate real-world attack scenarios and assess the effectiveness of their security defences. In addition, it provides a modular environment for red team engagements, supporting red team operators for the manual execution of TTPs and blue teamers for automated … Read more
Views: 13Enumeration & Brute Force Authentication enumeration is a fundamental aspect of security testing, concentrating specifically on the mechanisms that protect sensitive aspects of web applications; this process involves methodically inspecting various authentication components ranging from username validation to password policies and session management. Each of these elements is meticulously tested because they represent potential … Read more
Views: 39 Purpose of Threat Emulation Threat emulation is meant to assist security teams and organisations, in general, in better understanding their security posture and their defence mechanisms and performing due diligence in their compliance. These questions are addressed through cyber security assessments, mainly red team engagements, vulnerability assessments and penetration tests. Vulnerability assessments are … Read more
Views: 56
Views: 56 Non-Meterpreter We can execute the msfvenom –list-payloads command to see a brief description about all of the payloads msfvenom can offer, if we want to know specific information about the payload, executing a msfvenom -p payload –list-options will list all of the options avalible in the payload. Binaries Staged Payloads for Windows x86 … Read more