GuidePoint Security released a new open source tool that enables a red team to easily build out the necessary infrastructure.
The RedCommander tool solves a major challenge for red teams around the installation and operationalization of infrastructure by combining automation scripts and other tools into a deployable package.
RedCommander is a series of Ansible Playbooks that automate the tedious tasks required to stand up covert command and control channels during a red team exercise. This open source tool is intended to be a stepping stone for more advanced configurations during red team assessments.
Once an operator spins up several servers and configures redirectors, they can leverage RedCommander to modify and monitor their command and control servers for blue team investigations by way of RedELK. The result gives the operator a full-spectrum overview of a red team exercise while centralizing logs for indicator of compromise (IOC) analysis.
“Exercising defensive responses is a crucial security practice for any organization,” says Alex Williams, the creator of RedCommander and a senior consultant in the GuidePoint Security Threat & Attack Simulation practice.
“RedCommander makes it easier for red teams to deploy their infrastructure in a more customized fashion, giving them a true infrastructure for success.”