RED Teaming: Mythic C2 Framework

This entry is part 14 of 20 in the series Red Team Engagements

Disclaimer: This post is created solely for educational and research purposes. The techniques, tools, and concepts discussed are intended to enhance cybersecurity awareness and skills by demonstrating how offensive security testing works. Unauthorized access to computer systems is a criminal offense and subject to severe penalties. Always practice these techniques in a controlled lab environment or with explicit permission from the …

Installing OpenBAS: The OpenSource Breach and Attack Simulation

This entry is part 12 of 20 in the series Red Team Engagements

Introduction: In today’s rapidly evolving cybersecurity landscape, organizations need robust tools to test their security posture and validate their defenses. OpenBAS (Open Breach and Attack Simulation) emerges as a powerful open-source platform that enables security teams to conduct comprehensive security exercises, simulate realistic attack scenarios, and assess organizational resilience against cyber threats. This guide …

Command & Control Mastery with Covenant C2: PART-I

This entry is part 11 of 20 in the series Red Team Engagements

In the realm of cybersecurity, especially within red teaming and penetration testing, Command and Control (C2) frameworks are pivotal. They facilitate the management of compromised systems, enabling operators to execute commands, maintain persistence, and exfiltrate data. Among the various C2 frameworks available, Covenant C2 stands out due to its unique features and capabilities. 🔍 …

Caldera: Simulating a Complete Attack Chain

This entry is part 10 of 20 in the series Red Team Engagements

Attack Simulation: In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer to this article, which details the procedure to set up Caldera on ParrotOS. For this scenario, we will emulate the following …

Installing Caldera on ParrotOS: A Smoother Experience Compared to Ubuntu and Kali Linux

This entry is part 9 of 20 in the series Red Team Engagements

Introduction: MITRE Caldera is a powerful adversary emulation platform used for cybersecurity testing and red teaming. However, recent attempts to install Caldera on Ubuntu and Kali Linux have been met with issues—primarily due to the newer Python 3.13 versions. In contrast, installing Caldera on ParrotOS 6.3 (Lorikeet) has been a flawless experience. This blog …

Atomic Red Team – A Framework for Threat Emulation: PART II

This entry is part 8 of 20 in the series Red Team Engagements

This is the PART II article in the Atomic RED series. Please follow this link to read PART I of the series. Listing Atomic Techniques: We can use the parameters ShowDetailsBrief and ShowDetails, which provide the details inside an Atomic file. The output shows that ShowDetailsBrief lists the available tests in the specified Atomic and its corresponding Atomic …

Atomic Red Team – A Framework for Threat Emulation: PART I

This entry is part 7 of 20 in the series Red Team Engagements

Overview. What is Atomic Red: Atomic Red Team is an open-source framework designed for security testing and threat emulation. It allows security professionals to simulate real-world cyberattacks and assess the effectiveness of security controls and incident response processes. Supported Platforms: Atomic Red Team can be used across multiple platforms: Platform Type Supported Platforms Operating …

Operationalizing Security: CALDERA Meets WAZUH (PART II)

This entry is part 2 of 20 in the series Red Team Engagements

Adversary emulation with Caldera and Wazuh: Please visit here to read PART I of this series, which explains the Caldera setup and Windows agent installation. Agent setup: Deploy Agents on Linux machines. Now, the lab consists of 2 Windows victims and 1 Linux victim, as reported by Caldera below. Configure Sysmon on Windows victims …

Operationalizing Security: CALDERA Meets WAZUH (PART I)

This entry is part 1 of 20 in the series Red Team Engagements

CALDERA™ is an open-source framework designed to run autonomous adversary emulation exercises efficiently. It enables users to emulate real-world attack scenarios and assess the effectiveness of their security defences. In addition, it provides a modular environment for red team engagements, supporting red team operators for the manual execution of TTPs and blue teamers for automated …

Web Attacks

This entry is part 2 of 4 in the series Offensive Testing Enterprise Networks

Enumeration & Brute Force: Authentication enumeration is a fundamental aspect of security testing, concentrating specifically on the mechanisms that protect sensitive aspects of web applications; this process involves methodically inspecting various authentication components ranging from username validation to password policies and session management. Each of these elements is meticulously tested because they represent potential …