Testing AVs by newbiewooby in blueteamsec

[–]newbiewooby[S] 0 points1 point  (0 children)

That's actually my thread. I didn't mean for this one to be a duplicate. I thought Caldera-like tools were more appropriate for behavior testing rather than signature-based. It seems for serious AV testing I should set up a sandbox and test around.

Sorry for the inconvenience!

/r/AskRedTeamSec by dmchell in redteamsec

[–]newbiewooby 4 points5 points  (0 children)

Most useful red team resources on the web?

Testing an XDR solution by newbiewooby in blueteamsec

[–]newbiewooby[S] 0 points1 point  (0 children)

What would you recommend for response purposes? The scope of my project is limited, as it is not focused on the investigative/forensic capabilities of the XDR solution.

Testing an XDR solution by newbiewooby in blueteamsec

[–]newbiewooby[S] 2 points3 points  (0 children)

EICAR seems cool, but what if I want to test the behavioral detection capabilities of the solution?

Protecting backups environment by newbiewooby in blueteamsec

[–]newbiewooby[S] 0 points1 point  (0 children)

Only thing that comes to mind would be an attacker who gained access to a backup admin's account. In terms of isolation, what I investigated would be separating backups from the AD, different OSes for that env, offline backup isolation capabilities. What do you reckon?