Note: this is the course capstone for Responsible Red Teaming, which is available at The Taggart Institute for free! If you have not taken that course, I strongly recommend it. But it is not required to do this challenge.
RISOTTOCORP ENGAGEMENT
Date: Oct 20th, 2022
Company: SecureEnts Cybersecurity Consulting Firm
Role: Junior Red Team Operator
You are a new red team operator at SecureEnts, an up-and-coming IT security consulting firm. The firm specializes in web application penetration testing, full-scope red team engagements, and other types of offensive security consulting. You joined the team last week and are ecstatic to jump into the teamās next engagement!
The target for this engagement is RisottoCorp, the leading provider of short-grain rice dish services. RisottoCorpās leadership have noticed a slew of ransomware attacks that have targeted other food service corporations lately and are worried about their own infrastructure. SecureEnts has accepted the contract and the engagement window begins today.
RisottoCorpās lead of IT has provided you with a list of DNS records that are in scope for the test. The team has tried to get more information from the IT team about what else can be considered in scope, but the IT team has been slow to respond. Unfortunately, that means your team doesnāt have a lot to go on.
The Friday before the engagement kickoff, your team receives the following email:
SecureEnt team, I apologize for the late responses. The RisottoCorp leadership tends to task us randomly and weāve been very busy. I did have time to sit down and add the original scope document that you provided with my inputs. I think this should be sufficient to begin the engagement. Please find my inputs attached. Thank you! IT Lead, RisottoCorp
Your team has three weeks to perform a full scope red team engagement. Time is of the essence!
What do you do?
Choices
Jump right in! Letās do recon against the DNS records and find some targets to attack.