
Javelin vs. Red-Team, Fight!


A Red-Team exercise is the best simulation you can run to improve your network security against APTs.


 

At a high level, there are 3 main phases:

  1. Initial compromise or intrusion of the target network – usually a phishing email or a drive-by download.
  2. Post-exploitation – reconnaissance and lateral movement.
  3. Exfiltration – there are an infinite number of ways to do it, and it is game over if it comes to this point.

 

When it comes to Red-Team operations against Active Directory, it’s very common to finish quickly by dumping LSASS and finding the Domain Admin.

Last week, byt3bl33d3r released a Python script that leverages Empire’s REST API and automatically executes the common post-exploitation techniques (credentials lookup using GPP or Mimikatz, lateral movement using invoke-WMI, and some more methodologies) to find the Holy Grail, a.k.a. Domain Admin.

 

There are obviously many ways to complete your job as a Red-Teamer. I recommend reading this nice post:
https://threatintel.eu/2017/06/03/red-teaming-tips-by-vincent-yiu/

 

Javelin Networks to the Rescue

Javelin’s main mission is to prevent lateral movement no matter the size of the network. We know how hard it is to protect it with the current solutions because we’ve tried doing it. In the following video, you can see what would happen to a Red-Team trying to do some post-exploitation moves. Enjoy:

 

 

Feel free to reach out – almog@javelin-networks.com
