added default note structures
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
#|||ORG_NAME||| #internal #general
|
||||
|
||||
# SCOPE
|
||||
(paste scope from workbook)
|
||||
|
||||
On the call:
|
||||
|
||||
Introductions
|
||||
Let them know that their primary contact will be the PM and there should be
|
||||
|
||||
Go over general attack strategy/procedure.
|
||||
We will get a beacon payload by the time the test starts
|
||||
The beacon payload should be executed on a domain joined windows system.
|
||||
If the system is not domain joined/no domain - let Seth know as this modifies the standard beacon
|
||||
Select a user based on a department/role that they would like tested (Marketing, Sales, HR, IT)
|
||||
This can be a test system with a cloned user, but then we don't get keylogging or screen grabs
|
||||
The beacon is created using Cobalt Strike and communicates over HTTPS
|
||||
Since Cobalt Strike is very well signatured, remind them that they may need to add an exclusion in antivirus and/or web filter
|
||||
We will look at local privilege escalation, conduct portscans, password sprays, targeted vulnerability scanning (NOT NESSUS), lateral movement opportunities, and escalating to DOMAIN ADMIN privilege.
|
||||
Ask if they want a focus on any particular assets. for example, an old time logging system, or remote access system.
|
||||
|
||||
Confirm On Prem AD vs NoAD or Azure AD -
|
||||
|
||||
Ask if they have any questions or concerns
|
||||
|
||||
Do they have a specific contact -
|
||||
|
||||
emergency contact method -
|
||||
|
||||
Email any follow-up items from the call to the PM
|
||||
|
||||
sensitive systems -
|
||||
|
||||
secondary objectives -
|
||||
Reference in New Issue
Block a user