Red Team Notes
Red Team Operations
These notes are organized by the MITRE ATT&CK framework. Select a Tactic below to view specific Techniques.
Section Contents
1. Reconnaissance: The adversary is trying to gather information they can use to plan future operations.
2. Resource Development: The adversary is trying to establish resources they can use to support operations.
3. Initial Access: The adversary is trying to get into your network.
4. Execution: The adversary is trying to run malicious code on your network.
5. Persistence: The adversary is trying to maintain their foothold.
6. Privilege Escalation: The adversary is trying to gain higher-level permissions.
7. Defense Evasion: The adversary is trying to avoid being detected.
8. Credential Access: The adversary is trying to steal account names and passwords.
9. Discovery: The adversary is trying to figure out your environment.
10. Lateral Movement: The adversary is trying to move through your environment.
11. Collection: The adversary is trying to gather data of interest to their goal.
12. Command and Control: The adversary is communicating with systems under their control.
13. Exfiltration: The adversary is trying to steal data.
14. Impact: The adversary is trying to manipulate, interrupt, or destroy your systems and data.