NetSPI’s toolkit for covert adversary simulations isnow available to enterprise red teams with new features and functionality.
Minneapolis, Minnesota – NetSPI, the leader in enterprise penetration testing and attack surface management, today relaunched Red Team Toolkit, a sophisticated suite of penetration testing and adversary simulation tools. NetSPI integrated and advanced the Toolkit after the acquisition of Silent Break Security in late 2020. It features a re-designed web-based user experience and improved functionality that supports more advanced and collaborative red team operations.
“We designed the all-new Red Team Toolkit Platform to better emulate sophisticated, real-world attackers after observing critical gaps left by other well-signatured tools on the market,” said Brady Bloxham, Chief Technology Officer at NetSPI. “We continue to use the platform on our own red team operations and are constantly updating it with the latest offensive techniques and defensive countermeasures. It is the most capable offensive toolkit available to red teamstoday.”
Red Team Toolkit’s tooling and features include:
Slingshot: Slingshot is a Windows post-exploitation agent used by red teams to conduct advanced network cyber-operations. Designed with stealth in mind, it enables operators to accurately emulate sophisticated adversaries. It increases the speed and efficiency of advanced operations through malleable network profiles, direct syscall execution, memory obfuscation, blended HTML traffic, scripting automation interface, and more.
Improved user experience: Its new web-based user interface was built with the operator experience and productivity top of mind. It is a command and control (C2) server, providing a unified interface for all current and future tools.
Multi-user support: The all-new Red Team Toolkit Platform supports multi-user interaction with tiered access permissions. This provides mirrored output, improved team collaboration, seamless operations, and training opportunities.
Keyboard-centric controls: Inspired by a traditional terminal, red teamers will feel at home with keyboard-centric controls and an integrated command palette.
Functional storage: Connect Red Team Toolkit to your existing database infrastructure or a simple SQLite file. Everything is well-formed, easily parsed, and recorded in one central location.
“Our teams think like adversaries and perform red teaming for some of the most advanced organizations in the world,” said Aaron Shilts, President and CEO of NetSPI. “We take pride in building technology that change how our clients think about their penetration testing programs and the industry as a whole – and we are thrilled to make it available to others with the reintroduction of Red Team Toolkit.”
Learn more about how Red Team Toolkit can optimize your Red Team engagements and increase productivity. Contact firstname.lastname@example.org.
NetSPI is the leader in enterprise penetration testing and attack surface management. We are proud to partner with nine of the top 10 U.S. banks, three of the world’s five largest health care companies, the largest global cloud providers, and many of the Fortune® 500. Our experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces. We uniquely deliver Penetration Testing as a Service (PTaaS) through our Resolve platform. Clients love PTaaS for the simplicity of scoping new engagements, viewing their testing results in real-time, orchestrating remediation, and the ability to perform always-on continuous testing. We find vulnerabilities that others miss and deliver clear, actionable recommendations allowing our customers to find, track, and fix their vulnerabilities faster. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of growth equity firm Sunstone Partners. Follow us on Facebook, Twitter, and LinkedIn.
PTaaS is NetSPI’s delivery model for penetration testing. It enables customers to simplify the scoping of new engagements, view their testing results in real time, orchestrate faster remediation, perform always-on continuous testing, and more - all through the Resolve™ vulnerability management and orchestration platform.
We help organizations defend against adversaries by being the best at simulating real-world, sophisticated adversaries with the products, services, and training we provide. We know how attackers think and operate, allowing us to help our customers better defend against the threats they face daily.
At NetSPI, we believe that there is simply no replacement for human-led manual deep dive testing. Our Resolve platform delivers automation to ensure our people spend time looking for the critical vulnerabilities that tools miss. We provide automated and manual testing of all aspects of an organization’s entire attack surface, including external and internal network, application, cloud, and physical security.
Our proven methodology ensures that the client experience and our findings aren’t only as good as the latest tester assigned to your project. That consistency gives our customers assurance that if vulnerabilities exist, we will find them.
Is your organization prepared for a ransomware attack? Explore our Ransomware Attack Simulation service.