Repeatable, OPSEC-safe infrastructure is the bread and butter of every serious Red Team. However, the publicly available deployments are either pretty limited or not user-friendly for administrators and Red Team operators alike. This costs infrastructure maintainers and operators additional time and work that could instead have gone into testing your client’s security.
In this talk I will introduce our new open-source tool called Red Wizard. Red Wizard is the result of years of spinning up repeatable infrastructures for Red Teaming operations. It automates a comprehensive infrastructure deployment with redirectors, backend systems, phishing relays, OSINT machines, et cetera, and makes this easy by providing wizards that walk you through the deployments. Additionally, the infrastructure is self-documenting, making the sharing of all relevant details with your team of operators a breeze.
The tool is built to provide you with a resilient setup that is OPSEC-safe. By retrieving all critical key material from the deployed servers, you will be able to rebuild and keep receiving your shells even if one of your servers crashes and burns. The technology used for Red Wizard is mainly based on Ansible and Docker.
Within the timeframe of this talk we will demonstrate a full setup, configuration and deployment of instantly usable, OPSEC-safe infrastructure in a live demo.
The tool will be published shortly before the conference and this will be the first conference where we present this.