conducting-full-scope-red-team-engagement

Featured

Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Conducting Full-Scope Red Team Engagement ## Overview A full-scope red team engagement simulates real-world adversary behavior across all phases of the cyber kill chain — from initial reconnaissance through data exfiltration — to evaluate an organization's detection, prevention, and response capabilities. Unlike penetration testing, red team operations prioritize stealth, persistence, and objective-based scenarios that mimic advanced persistent threats (APTs). ## When to Use - When conducting security assessments that involve conducting full scope red team engagement - When following incident response procedures for related security events - When performing scheduled security testing or auditing activities - When validating security controls through hands-on testing ## Prerequisites - Written authorization (Rules of Engagement document) signed by executive leadership - Defined scope including in-scope/out-of-scope systems, escalation contacts, and emergency stop procedures - Threat intelligence on relevant adversary groups (e.g., APT29, FIN7, Lazarus Group) - Red team infrastructure: C2 servers, redirectors, phishing domains, payload development environment - Legal review confirming compliance with Computer Fraud and Abuse Act (CFAA) and local laws ## Engagement Phases ### Phase 1: Planning and Threat Modeling Map the engagement to specific MITRE ATT&CK tactics and techniques based on the threat profile: | Kill Chain Phase | MITRE ATT&CK Tactic | Example Techniqu...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

executing-red-team-engagement-planning

Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operational timelines before any offensive testing begins.

12,642 Updated today
mukul975
AI & Automation Featured

executing-red-team-exercise

Executes comprehensive red team exercises that simulate real-world adversary operations against an organization's people, processes, and technology. The red team operates with stealth as a primary objective, employing the full attack lifecycle from initial reconnaissance through objective completion while testing the organization's detection and response capabilities. This differs from penetration testing by focusing on adversary emulation rather than vulnerability identification. Activates for requests involving red team exercise, adversary simulation, adversary emulation, or full-scope offensive security assessment.

12,642 Updated today
mukul975
AI & Automation Featured

red-team-tactics

Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.

39,227 Updated today
sickn33
AI & Automation Solid

red-team

Use when planning or executing authorized red team engagements, attack path analysis, or offensive security simulations. Covers MITRE ATT&CK kill-chain planning, technique scoring, choke point identification, OPSEC risk assessment, and crown jewel targeting.

16,642 Updated yesterday
alirezarezvani
Data & Documents Solid

red-team-tactics

Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.

27,681 Updated today
davila7