Red Team
Category: Engineering Domain: Offensive Security
Overview
The Red Team skill provides tools for planning and scoping security engagements. It helps define rules of engagement, select methodologies, scope targets, plan attack phases, and generate engagement documentation.
Clarify First
Before planning the engagement, confirm these inputs. If any is unknown or vague, ASK — do not assume:
- [ ] Authorization & ROE owner — who has signed off and the escalation contacts (no engagement plan without confirmed authorization)
- [ ] In-scope targets & boundaries — the exact assets in and explicitly out of bounds (drives scope and
--target) - [ ] Engagement type — red-team / pentest / purple / bug-bounty (sets stealth, methodology, and
--type) - [ ] Compliance framework — e.g. pci-dss (maps test cases to controls via
--compliance)
Stop rule: ask only the 2-3 that most change the output. If the user says "just draft it," proceed and list your assumptions at the top of the artifact.
Quick Start
# Plan a red team engagement
python scripts/engagement_planner.py --type red-team --target "web application" --duration 2w
# Plan a penetration test
python scripts/engagement_planner.py --type pentest --target "api,network" --duration 1w --compliance pci-dss
# Generate rules of engagement document
python scripts/engagement_planner.py --type red-team --target "full-org" --output engagement_plan.json --format json
Tools Overview
| Tool | Purpose | Key Flags |
|------|---------|-----------|
| engagement_planner.py | Plan red team engagements with scope, rules, and methodology | --type, --target, --duration, --compliance |
engagement_planner.py
Generates comprehensive engagement plans including:
- Scope definition and boundaries
- Rules of engagement (ROE)
- Methodology selection (MITRE ATT&CK, OWASP, PTES, etc.)
- Phase breakdown with timelines
- Communication and escalation procedures
- Deliverables checklist
Workflows
Full Red Team Engagement
- Define engagement objectives and scope with
engagement_planner.py - Review generated rules of engagement with stakeholders
- Get formal sign-off on scope and ROE
- Execute phases per the plan timeline
- Document findings throughout
- Deliver final report
Compliance-Driven Pentest
- Run planner with
--complianceflag for framework-specific requirements - Map test cases to compliance controls
- Execute against compliance-specific checklist
- Generate evidence for auditors
Reference Documentation
- Red Team Methodology - Frameworks, attack phases, and engagement standards
Common Patterns
Engagement Types
- Red Team: Full adversary simulation, stealth required, tests detection/response
- Penetration Test: Authorized vulnerability exploitation, known to defenders
- Purple Team: Collaborative attack/defense, real-time knowledge sharing
- Bug Bounty Triage: Structured vulnerability validation from external reports