Showing posts with the label Blue Team

Sheepl - Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl: Creating realistic user behaviour for supporting tradecraft development within lab environments. Introduction. There are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However, the current solutions tend to lack one important aspect in representing real-world network configurations. A network is not just a collection of static endpoints; it is a platform for communication between people. Sheepl is a tool that aims to bridge the gap by emulating the behaviour that people normally undertake within a network environment. Using Python3 and AutoIT3, the output can be compiled into a standalone executable without any other dependencies that, when executed on a Windows endpoint, executes a set of tasks randomly over a chosen time frame. For red teamers this can serve to introduce those moments of opportunity t...

RedELK - Easily Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations

Red Team's SIEM - easily deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018. Video: https://www.youtube.com/watch?v=OjtftdPts4g Presentation slides: https://github.com/outflanknl/Presentations/blob/master/MirrorOnTheWall_BruCon2018_UsingBlueTeamTechniquesinRedTeamOps_Bergman-Smeets_FINAL.pdf Goal of the project. Short: a Red Team's SIEM. Longer: a Red Team's SIEM that serves 3 goals: Enhanced usability and overview for the red team operators by creating a central location where all relevant operational logs from multiple teamservers are collected and enriched. This is great for historic searching within the operation as well as giving a read-only view on the operation (e.g. for the White Team). Especially useful for multi-scenario, multi-tea...