Red Team Assessment
Get a complete picture of your organization's security posture from an attacker’s point of view.
What is a Red Team Assessment?
A red team assessment is a goal-directed, multi-dimensional adversarial threat emulation. It uses offensive tactics, techniques, and procedures to gain access to an organization’s critical assets in order to test the organization’s readiness to detect and withstand a targeted attack. It measures the effectiveness of the existing security controls and how well an organization’s employees, network, applications, and physical security can hold up against an attack.
Why do you need a Red Team Assessment?
Your adversaries don't follow the same scope as your annual web application penetration test. With our red team assessment service tailored for you, get an assessment of how well your security can withstand real-world attacks. The objective-based assessment gives you a picture of the security of the assets that are most critical to you.
Comprehensive testing covering all aspects
The purpose of this red team activity is to demonstrate how a real-world hacker can chain different techniques, tricks, scripts, and exploits to achieve their goal.
Digital, Social, Physical Recon
Exploit vulnerability in the application logic or find a misconfiguration to escalate privileges.
Explore the network. Map out the targets. Move laterally.
After compromising any and all hosts in the pathway, compromise the target assets according to the preset goal.
During the assessment, the Payatu red team will emulate real-life attackers and use methods including, but not limited to:
Phishing & Social Engineering Attacks
This will involve spear-phishing campaigns and social engineering, both on-site and over the phone.
Gather data from OSINT
This will involve gathering data from online resources without directly interacting with any of the organization’s infrastructure. This includes data published on websites not owned by the target organization, data gathered from WHOIS, and email addresses and other information gathered using advanced Google search operators.
Breach physical security
This will involve trying to bypass the physical security protections in place, such as locks, RFID-based access control, and wall-based perimeters, using techniques including tailgating and RFID cloning.
Network-based exploitation
This will involve attempting to find and exploit vulnerabilities in the services running in the IP address ranges in scope. For example, a vulnerability in the VPN service might lead to internal network access.
Application-based attacks
With a plethora of assets exposed online, a compromise of even one of them could serve as the initial entry point, after which the attack can propagate further. This will involve an attempt to compromise the web and mobile applications to get access to the server involved, which can be further escalated to gain more privilege and attack other devices on the internal network. It will also involve probing for subdomains and directories of the applications included in the scope to increase the attack surface area and discover additional assets.