- Home
- Skills
- Vudovn
- Antigravity Kit
- Red Team Tactics
red-team-tactics_skill
- TypeScript
5.7k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill vudovn/antigravity-kit --skill red-team-tactics- SKILL.md4.3 KB
Overview
This skill codifies red team tactics and operational principles mapped to the MITRE ATT&CK lifecycle. It focuses on attack phases, common techniques for initial access, lateral movement, privilege escalation, and defense evasion, plus ethical boundaries and reporting guidance. The goal is to help teams plan realistic adversary simulations and produce actionable detections and mitigation recommendations.
How this skill works
The content inspects each ATT&CK phase and lists practical objectives, typical vectors, and decision criteria for selecting techniques. It summarizes reconnaissance trade-offs (passive vs active), access vectors, escalation checks for Windows and Linux, lateral movement paths, Active Directory attack categories, and operational security measures. It also prescribes reporting structure and detection-gap analysis to convert exercises into defensive improvements.
When to use it
- Designing a red team engagement plan or tabletop exercise
- Creating realistic attack scenarios for purple team drills
- Assessing detection coverage and detection engineering priorities
- Training blue team analysts on common adversary behaviors
- Validating incident response playbooks against realistic techniques
Best practices
- Define and enforce clear scope, legal and safety boundaries before testing
- Prefer low-impact proof-of-concept actions; avoid destructive techniques
- Mimic normal user and network patterns to increase realism while minimizing noise
- Document the full attack chain and link each technique to detection gaps
- Report actionable mitigations prioritized by risk and detection feasibility
Example use cases
- Simulate phishing to test email defenses and user response workflows
- Run lateral movement scenarios using valid credentials to validate segmentation
- Exercise privilege escalation checks on Windows services and Linux sudo misconfigurations
- Test Active Directory resiliency with Kerberoasting and DCSync detection rules
- Perform post-engagement reporting that maps techniques to missed alerts and controls
FAQ
Pick vectors that match the target profile and objectives: phishing for human-centered tests, public exploits for exposed services, or supply-chain methods for third-party risk. Prioritize safety and scope.
What should a good post-engagement report include?
A clear attack narrative, technique-by-technique detection analysis, root causes for missed detections, prioritized mitigations, and recommendations for monitoring and controls.