Despite the fact that we’ve now posted 50 red teaming “laws,” we hope that our readers understand that the superior red teamer should contextualize every red team engagement (within the obvious constraints of budget and schedule). Yes, it’s tempting to commoditize your approach and get in and out as efficiently as possible, but by overdoing it you risk delivering a misleading assessment to your client.
This is another great article posted by our friends at the Red Team Journal.
One of the questions that a reader sent us, aligns great with this post.
In that post, back in 2014, we answered:
PHASE 3: RECON
This phase is, in my opinion, one of the most important phases. If you do it right it will most likely end in the success of the project. If done right, a good team can move to Phase 5 directly and finish the project. During this phase the team observes the target and learns about it. Physical surveillance and digital scanning are performed. The target's digital and/or physical footprints are mapped and analysed. At the end of this phase there is a clear view of the possible vectors of attack. These vectors can be exploited on the spot.