I am a Responsible Red Teamer. This is my manifesto.
August 12, 2022
I am a Responsible Red Teamer.
I am the cyber defender’s sparring partner. My job is not to win against the blue team. My job is to help make battle-hardened blue teamers. I may succeed at outmaneuvering the blue team during my engagements, but I will never confuse this for winning.
The only way I win is if, as a result of my actions, blue teamers become more capable practitioners. That is the way towards cyber enlightenment.
We spar inside the same castle walls and for the same reason. To become better at our craft. I will always strive to learn more, become better, and master my craft. But I will never forget that the blue team is the reason I exist. Their success is my success. I serve them, first and foremost.
I am a Responsible Red Teamer. A high degree of trust and confidence is placed in me by my client. I will do everything in my power to protect my client’s data, even as I siphon it from their environment in a calculated fashion. My intentions must be above reproach at all times. I will never allow my client’s data to rest or traverse in contested zones while unencrypted. I will ensure that the data I exfiltrate is only ever unencrypted in a location that I have positive control over.
I will ensure my C2 authenticates its agents and communications are encrypted from target to server. I will take care to ensure my payloads never land or execute in environments that are out of scope. I will minimize the operational risk to my client’s data wherever I can.
I will be ethical, practical, safe, and deliberate in every action during my engagements. If the scope of engagement is ever unclear, I will seek to clarify it. I will never fire off Proofs of Concept without testing them thoroughly. I will never leave payloads behind in the target environment after an engagement.
I am a Responsible Red Teamer. I will meet the blue team at their capability level. My engagements will emulate relevant, legitimate threats to my client’s data. Though I will study and learn every sophisticated type of attack, I will only deploy these capabilities if it is in line with my threat presentation plan.
If the situation calls for it, I will be relentless. If the situation calls for it, I will show restraint. No matter the situation, I will be creative and think like an adversary.
I am a Responsible Red Teamer. I will be a resource for defenders. I will be approachable, professional, and knowledgeable. I understand that nothing I do will have any impact unless my results are presented professionally, concisely, and compassionately. The cyber defenders I face will understand my intentions through my actions and their trust in me will be earned, not given.
I am a Responsible Red Teamer. I have read Tim MalcomVetter’s Responsible Red Teams blog post and considered its points.
Until my final engagement concludes, I will carry the torch of responsibility and hold it high during my emulated cyber sparring matches. Until no blue team feels unprepared, overwhelmed, or outmatched, I will do my job proudly.
I am a Responsible Red Teamer and this is my manifesto.
Fight’s on.
-Husky