Red Team Engagements Writeup | TryHackMe

Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation.

Link: https://tryhackme.com/room/redteamengagements

Task 2: Defining Scope and Objectives

What CIDR range is permitted to be attacked?

Answer : 10.0.4.0/22

Is the use of white cards permitted? (Y/N)

Answer: Y

Are you permitted to access “*.bethechange.xyz?” (Y/N)

Answer: N

Task 3: Rules of Engagement

How many explicit restrictions are specified?

Answer : 3

What is the first access type mentioned in the document?

Answer: Phishing

Is the red team permitted to attack 192.168.1.0/24? (Y/N)

Answer: N

Task 6: Concept of Operations

How long will the engagement last?

Answer: 1 month

How long is the red cell expected to maintain persistence?

Answer : 3 weeks

What is the primary tool used within the engagement?

Answer: Cobalt Strike

Task 7: Resource Plan

When will the engagement end? (MM/DD/YYYY)

Answer: 11/14/2021

What is the budget the red team has for AWS cloud cost?

Answer: $1000

Are there any miscellaneous requirements for the engagement? (Y/N)

Answer: N

Task 8: Operations Plan

What phishing method will be employed during the initial access phase?

Answer: spearphishing

What site will be utilized for communication between the client and red cell?

Answer: vectr.io

If there is a system outage, the red cell will continue with the engagement. (T/F)

Answer: F

Task 9: Mission Plan

When will the phishing campaign end? (mm/dd/yyyy)

Answer: 10/23/2021

Are you permitted to attack 10.10.6.78? (Y/N)

Answer: N

When a stopping condition is encountered, you should continue working and determine the solution yourself, without a team lead. (T/F)

Answer: F