The Top

Sometimes you don't know what you agree to until it's too late. In this particular project we were testing physical security around the customer's building. The customer asked us to try to bypass their physical security measures and if possible reach a certain room and leave a note there.

It sounded like a fun project.

The next 3 weeks were spent researching the target, recon during the day and night, trying to get the right names for some social engineering attack if needed and gear, techniques and planning.  

At the end we discovered a vulnerability and we thought we could exploit to get us in. The only problem was that in order to get that potential point of entry we needed to get to the roof.

Read More
/

Quote of the day

"...however if you can’t think outside the box, if you can’t find ways to bend the rules, to think like an attacker, to lie, to cheat and to really want to find a way to succeed, then you won’t be able to perform."

-- So, you want to be a Red Teamer

Update

Hi, this is JD. I just wanted to update you all about the blog. There will be less posts in the coming days due to unforeseen circumstances that are keeping us busy. But don't worry, as soon as time allows it, there are 2 posts coming up that will put a big grin in your faces and make you say Hell Yeah!.

In the meantime, don't forget the 2 new shirts that we have for the team that you ask to make public as well:

The OPSEC Tshirt

Often people ask about what we do and where. OPSEC and other things make me look at them, close my mouth and keep quiet. Sometimes a good devilish smile will make them walk away wondering...

Get yours

1404930882494.jpeg

The Plan C Tshirt

When everything else fails, Plan C. We are it. We don't fail. Rule 1 says: Always have an escape plan. Well, Plan C is your escape plan. Be the person that everyone calls when a problem needs to be resolved, quickly and quietly. Be the problem solver.

Get yours

/

Do you need to have a Red Team?

Somewhat out there, but the article has some good points.

Litigation can be a battle. You marshall your forces and attack the opposing party. But there is a long lead time from the filing of a lawsuit to the commencement of a trial. During that time you lay out your strategy. How to approach the case, handle witnesses, develop a compelling narrative and theme. But you don’t want to be surrounded by yes-men. While working on a project it is easy to develop a cocoon. A selective filter bubble that only incorporates what works and fits in neatly with your narrative. But you have to push back against it and organize dissent.

You need a Red Team.

Red Teams are heretics. They try to buck expectations and throw a monkey wrench into solidified plans with little manpower and small resources. Red teams are generally smaller, underfunded, and placed at a disadvantage from the get-go. All things being equal, they are supposed to lose.

But a Red Team’s weaknesses also give rise to: creative problem solving, lateral thinking, intense team cohesion, strategic surprise, deconstruction of dogma. Essentially, a Red Team takes the role of advocate for a disadvantage adversary. Which is exactly what you need to cultivate within your office heading into litigation. Especially when you feel confident about your case.

/

Quote of the day

"Rule of Robustness: Robustness is the child of transparency and simplicity."

-- The Unix Philosophy

/

Quote of the day

"See the people. Bricks vs. clicks. Pound the pavement. Although technology can increase efficiency and provide a worldwide reach, the human effect is just as important as in years past. Technology (hardware) compliments the human effect, but does not replace it. Drones don’t win wars, people do. They are a great addition to our kit bag, but not a replacement for boots on the ground. The same holds true in business and in life."

-- Josh Markiewicz, Utilizing the SOF Truths in Business: Humans Are More Important Than Hardware.

/

Book review

This book review is not about a technical book, it's about a modern science fiction novel: Kill Decision by Daniel Suarez.

1original-f4b136889df98446.jpg

Kill Decision is a mix of a cyberpunk, military and actual science stories that come together is a great and frightening view of what it's coming in the very, very near future.
Daniel Suarez makes a compelling point about the automated drones. A team of Special Operations Forces (The Activity) join forces with a University professor to fight a new threat to the United States and the world. The story is fast paced and violent with hints of humoer as well.

Check his talk at TED in the video below.

In any case, it's a fantastic book if you want to get a story that mixes several types of literature and contains a lot of good Red Teams Mindset in it.

/