Ethredix

Red Teaming

Comprehensive simulation of a real attack on your organization, testing people, processes and technologies simultaneously.

Multi-vector Attack

A combination of phishing, social engineering and technical attacks for a realistic APT simulation.

Defense Testing

Verification of SIEM/EDR/SOC detection capabilities and incident response procedures.

Stealth Operations

Covert operations mimicking advanced persistent threats with minimal detection.

Attack Kill Chain

1. Reconnaissance

OSINT gathering of information about the company, its employees, technologies and partners from public sources.

LinkedIn scraping, GitHub repos, domain enumeration, leaked credentials

2. Initial Access

Gaining initial access through spear phishing, USB dropping, or exploitation of public services.

Targeted phishing, rogue WiFi, physical intrusion, supply chain

3. Persistence

Ensuring long-term access through backdoors, scheduled tasks or registry modifications.

WMI persistence, Golden Ticket, DLL hijacking

4. Privilege Escalation

Gaining higher privileges through kernel exploits, misconfigurations or AD attacks.

Token impersonation, UAC bypass, service exploits

5. Lateral Movement

Movement across the network to compromise critical systems and data.

Pass-the-hash, psexec, RDP hijacking, Kerberos attacks

6. Data Exfiltration

Simulated theft of sensitive data to demonstrate the impact of a successful attack.

DNS tunneling, HTTPS exfil, cloud storage upload

Tested Areas

People (Social Engineering)

  • Spear phishing campaigns
  • Vishing (phone attacks)
  • Physical intrusion attempts
  • Tailgating and badge cloning
  • Dumpster diving

Technology (Technical Attacks)

  • External network penetration
  • Internal network exploitation
  • Web application attacks
  • Wireless network compromise
  • Cloud infrastructure testing

Process (Detection & Response)

  • SIEM/EDR detection capabilities
  • SOC alerting effectiveness
  • Incident response time
  • Communication procedures
  • Escalation paths

Physical Security

  • Access control testing
  • CCTV blind spots
  • Reception social engineering
  • Lock picking (with permission)

Deliverables

Executive Report

  • Attack timeline visualization
  • Compromised assets overview
  • Detection gaps analysis
  • Business impact assessment

Technical Report

  • TTPs used (MITRE ATT&CK mapping)
  • IoCs for SIEM/EDR tuning
  • Exploited vulnerabilities
  • PoC screenshots/videos

Detection Report

  • Missed detections analysis
  • Alert fatigue assessment
  • SIEM rule recommendations
  • Purple team exercise suggestions

Improvement Roadmap

  • Quick wins (0-30 days)
  • Medium term (1-6 months)
  • Strategic improvements (6-12 months)

Engagement Types

Assumed Breach

Starting with internal access (domain user) and testing lateral movement and privilege escalation.

Duration: 1-2 weeks

Full Scope

Complete attack chain from reconnaissance to data exfiltration including physical testing.

Duration: 3-6 weeks

Purple Team

Collaborative approach with the blue team for immediate detection improvement and knowledge transfer.

Duration: 2-4 weeks