Red Team Assessment

Get a complete picture of your organization's security posture from an attacker’s point of view.

What is a Red Team Assessment?

Red team assessment is a goal-directed, multi-dimensional adversarial threat emulation. It involves the utilisation of offensive tactics, techniques, and procedures to gain access to an organization’s critical assets, to test the organization’s readiness to detect and withstand a targeted attack. It measures the effectiveness of the existing security controls present and how well an organization’s employees/ network/ applications and physical security can hold up against an attack.

Why do you need a Red Team Assessment?

Your adversaries don't follow the same scope as your annual web application penetration test. With our red team assessment service tailored for you, get an assessment of how well your security can withstand real-world attacks. The objective-based assessment helps you get a picture of the security of the assets that are most critical for you

Comprehensive testing covering all aspects

The purpose of this red team activity is to demonstrate how a real-world hacker can chain different techniques, tricks, scripts, and exploits to achieve their goal.

✔ Digital Assets
This includes Applications, Routers, Firewalls, Wireless, etc.
✔ Physical Assets
This includes Buildings/Perimeter, Hardware vulnerabilities.
✔ Human Assets
This includes all staff members.

Our Methodology

The purpose of this red team activity is to demonstrate how a real-world hacker can combine different techniques, tricks, scripts, and exploits to achieve their goal.

The process divided into 5 stages of the assessment

Initial Reconnaissance

Digital, Social, Physical Recon
Initial Compromise

Exploit vulnerability in the application logic or find a misconfiguration to escalate privileges.
Internal Reconnaissance

Explore the network. Map out the targets. Move Laterally.
Compromise

After compromising any and all hosts in the pathway, compromise the target assets according to the preset goal.

During the assessment, Payatu red team will enact real-life attackers and use methods including but not limited to

Phishing & Social Engineering Attacks

This will involve spear-phishing campaigns, Social engineering on-site, and over the phone.
Gather data from OSINT

This will involve gathering data from online resources without directly interacting with any of the organization’s infrastructure. This includes gathering data published on websites not owned by the target organization, data gathered from WHOIS, email addresses and other information gathered from using advanced google search operators.
Breach physical security

This will involve trying to bypass the physical security protections in place like Locks, RFID based access control, Wall based perimeter using techniques including tailgating and RFID cloning.
Network based exploitation

This will involve attempting to find vulnerabilities and exploit the services running in the IP Addresses ranges in scope, for example, a vulnerability in the VPN service might lead to internal network access.
Application based attacks

With a plethora of online assets exposed online, a compromise of even one of them could serve as the initial entry point, after which the attack can propagate further. This will involve an attempt to compromise the web and mobile applications to get access to the server involved, which can be further escalated to gain more privilege and attack other devices on the internal network. This will involve probing for subdomains and directories of the applications included in the scope to increase the attack surface area and discovery of additional assets.