Red Team Engagements Writeup | TryHackMe
Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation.
Link: https://tryhackme.com/room/redteamengagements
Task 2: Defining Scope and Objectives
What CIDR range is permitted to be attacked?
Answer : 10.0.4.0/22
Is the use of white cards permitted? (Y/N)
Answer: Y
Are you permitted to access “*.bethechange.xyz?” (Y/N)
Answer: N
Task 3: Rules of Engagement
How many explicit restrictions are specified?
Answer : 3
What is the first access type mentioned in the document?
Answer: Phishing
Is the red team permitted to attack 192.168.1.0/24? (Y/N)
Answer: N
Task 6: Concept of Operations
How long will the engagement last?
Answer: 1 month
How long is the red cell expected to maintain persistence?
Answer : 3 weeks
What is the primary tool used within the engagement?
Answer: Cobalt Strike
Task 7: Resource Plan
When will the engagement end? (MM/DD/YYYY)
Answer: 11/14/2021
What is the budget the red team has for AWS cloud cost?
Answer: $1000
Are there any miscellaneous requirements for the engagement? (Y/N)
Answer: N
Task 8: Operations Plan
What phishing method will be employed during the initial access phase?
Answer: spearphishing
What site will be utilized for communication between the client and red cell?
Answer: vectr.io
If there is a system outage, the red cell will continue with the engagement. (T/F)
Answer: F
Task 9: Mission Plan
When will the phishing campaign end? (mm/dd/yyyy)
Answer: 10/23/2021
Are you permitted to attack 10.10.6.78? (Y/N)
Answer: N
When a stopping condition is encountered, you should continue working and determine the solution yourself, without a team lead. (T/F)
Answer: F