January 29

Webinar takeaway: Atomic Red Team Hands-on Getting Started Guide


My key takeaways

  • The Atomic Red Team project (ART) is an open-source library of scripted attacks
  • ART uses the MITRE ATT&CK Matrix as its structure
  • ART emulates what an attacker might do after compromise, whereas Metasploit (msf) tries to exploit vulnerabilities in software
  • Emulating attacks helps to improve attack detection and to compare security products
  • Vectr.io is a feature-rich tool and reporting framework for purple team collaboration
  • Atomics can be executed manually, but it is better to use the PowerShell execution framework, Invoke-AtomicRedTeam
  • Windows Defender doesn't like ART, so put it on the exclusion list
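The last two takeaways combined into one detection-validation run, as an added example that is not from the webinar or the ART project's own material. It assumes an isolated lab VM, an elevated PowerShell session, ART already installed at the default location C:\AtomicRedTeam, and technique T1016 (System Network Configuration Discovery), which is chosen here only for illustration.

```powershell
# Added example. Assumptions: isolated lab VM, elevated PowerShell,
# ART installed at the default path, T1016 picked for illustration.
$ArtRoot   = 'C:\AtomicRedTeam'
$Technique = 'T1016'
$ExecLog   = Join-Path $env:TEMP 'art-execlog.csv'   # constructed file name

# Parameters shared by every call below
$common = @{
    PathToAtomicsFolder = Join-Path $ArtRoot 'atomics'
    TestNumbers         = 1
}

# Exclude only the ART folder, never a whole drive or a process
Add-MpPreference -ExclusionPath $ArtRoot
try {
    Import-Module (Join-Path $ArtRoot 'invoke-atomicredteam\Invoke-AtomicRedTeam.psd1') -Force

    # 1. Read what the atomic will do before running anything
    Invoke-AtomicTest $Technique @common -ShowDetailsBrief

    # 2. Confirm the prerequisites are present on this host
    Invoke-AtomicTest $Technique @common -CheckPrereqs

    # 3. Execute and record the time window to search in the SIEM/EDR
    $start = Get-Date
    Invoke-AtomicTest $Technique @common -ExecutionLogPath $ExecLog
    $end = Get-Date

    # 4. Revert whatever the atomic changed
    Invoke-AtomicTest $Technique @common -Cleanup

    '{0} test 1 ran between {1:o} and {2:o}' -f $Technique, $start, $end
    Import-Csv $ExecLog | Format-Table -AutoSize
}
finally {
    # Remove the exclusion even if a step above failed
    Remove-MpPreference -ExclusionPath $ArtRoot
}
```

The printed time window and the execution log give the ATT&CK technique ID and timestamps to match against alerts, which is what makes the run usable for measuring detection or comparing products.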

Env

additional links


Tags

blue team, simulation, webinar takeaway

