文章描述了一次针对财富500强公司的红队渗透测试,团队通过克隆门禁卡、伪装打印机和利用鼠标劫持攻击分散安全团队注意力的方式,在一周内成功渗透至支付基础设施。 2025-7-19 03:2:19 Author: www.reddit.com(查看原文) 阅读量:42 收藏
Just published a new write-up in our "How We Got In" series. This one covers a red team engagement we did for a Fortune 500 company.
We cloned a badge at the door, posed as printers to blend in, and used a mousejacking attack to distract the SOC while we quietly worked our way toward the payment infrastructure. The goal was to simulate what a real attacker might do over the course of a full week.
It’s written like a story rather than a report. No fluff, no recycled tips, just a step-by-step walkthrough of how things unfolded, what we found, and how we moved through the environment. Hopefully it’s useful or at least a fun read.
Full story:
🔗 https://artificesecurity.com/red-team-engagement/
Pillar page with the rest of the "How We Got In" series:
🔗 https://artificesecurity.com/how-i-got-in-social-engineering-attacks/
Always open to feedback or hearing your own stories if you’ve done similar work.
如有侵权请联系:admin#unsafe.sh