Explore force multipliers for red team operations in this 48-minute conference talk from Bsides Las Vegas 2012. Delve into Raphael Mudge's experiences and insights on cyber defense events, tactical situations, and team organization. Learn about collaboration needs, benefits, and limitations in red team operations. Discover the roles and structures used in various exercises, including NECCD, MACCDC, and DHS. Examine the concepts of decentralized attacks and centralized post-exploitation. Investigate automation challenges and uses, with a focus on tools like Armitage and Cortana. Gain valuable knowledge on enhancing red team effectiveness through force multipliers and access additional resources for further learning.
Overview
Syllabus
Intro
Overview
My experiences
My question...
What is a force multiplier?
Scope: Cyber Defense Events
Tactical Situation
NECCDC 2008-2009
Armitage
Collaboration Needs
Team Operations
Working in a red team...
Red Team Organization
Roles: MACCDC 2012
DHS Exercise (Oct 2011)
Collaboration Benefits
Decentralize Attack
Centralize Post-Exploitation
Limitations
Distribution
Automation: Challenges
Cortana
NECCDC 2012
Automation Uses
Force Multipliers
Summary
Resources
