What is a full-scope red team engagement?

It is a multi-layered security assessment that simulates real-world adversary behavior across the entire cyber kill chain to test an organization's detection and response capabilities.

Can this be used for Purple Teaming?

Absolutely. While designed for red teaming, the structured TTP mapping and detection gap analysis make it an ideal resource for collaborative Purple Team exercises.

Which security tools are covered in these workflows?

The skill includes guidance and command examples for tools like Amass, Metasploit, Impacket, Rubeus, GoPhish, and various C2 frameworks like Havoc and Sliver.

Does this skill include reporting templates?

Yes, it provides a structured outline for reporting, including executive summaries, attack narratives, MITRE ATT&CK heat maps, and detection gap analysis for SOC improvements.

How does this skill help with MITRE ATT&CK mapping?

The skill provides a direct mapping of techniques—such as TA0043 for Reconnaissance or TA0008 for Lateral Movement—ensuring that every phase of the engagement is documented against industry-standard adversary tactics.

Full-Scope Red Team Engagement

Name: Full-Scope Red Team Engagement
Author: micsapp

bymicsapp

0•

安全与测试

Facilitates end-to-end red team operations from reconnaissance and initial access to post-exploitation and reporting using MITRE ATT&CK tactics.

This skill provides a comprehensive framework for planning and executing full-scope red team engagements, simulating real-world adversary behaviors to evaluate organizational detection and response capabilities. It guides users through every stage of the cyber kill chain—including passive OSINT, spearphishing, credential harvesting, and lateral movement—while ensuring strict alignment with the MITRE ATT&CK framework. By providing standardized workflows and tool commands, it helps security professionals validate security controls, identify detection gaps, and produce actionable reporting for executive and technical stakeholders.

主要功能

01Structured reporting templates for SOC gap analysis and purple team recommendations

02End-to-end mission planning aligned with MITRE ATT&CK TTPs

030 GitHub stars

04Advanced post-exploitation guidance for lateral movement and domain dominance

05Comprehensive reconnaissance workflows using Amass, crt.sh, and OSINT techniques

06Initial access simulation strategies for spearphishing and service exploitation

使用场景

01Simulating Advanced Persistent Threats (APTs) to test organizational resilience

02Conducting scheduled, high-fidelity offensive security audits and purple team exercises

03Evaluating the effectiveness of Security Operations Centers (SOC) and IR teams

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills conducting-full-scope-red-team-engagement

For use in Claude.ai and ChatGPT

主要功能

01Structured reporting templates for SOC gap analysis and purple team recommendations

02End-to-end mission planning aligned with MITRE ATT&CK TTPs

030 GitHub stars

04Advanced post-exploitation guidance for lateral movement and domain dominance

05Comprehensive reconnaissance workflows using Amass, crt.sh, and OSINT techniques

06Initial access simulation strategies for spearphishing and service exploitation

使用场景

01Simulating Advanced Persistent Threats (APTs) to test organizational resilience

02Conducting scheduled, high-fidelity offensive security audits and purple team exercises

03Evaluating the effectiveness of Security Operations Centers (SOC) and IR teams

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills conducting-full-scope-red-team-engagement

For use in Claude.ai and ChatGPT