Raxis Red Team Services

“Everybody Has a Plan Until They Get Punched in the Face.”
-Mike Tyson

Red Teaming

A Game That You Always Win

Red Teaming is where we excel. Since 2011, we’ve empowered Fortune 500 companies and mission-critical businesses with battle-tested expertise. The Raxis Red Team doesn’t just probe your defenses—we redefine them. Whether we breach your systems or not, you’ll uncover actionable insights to fortify your security and stay ahead of the threat.

Email Phishing

We craft custom phishing campaigns tailored to your organization’s unique profile, ensuring maximum effectiveness and relevance. Our targeted approach allows us to focus on specific high-risk roles or conduct company-wide assessments, providing comprehensive insights into your cybersecurity awareness.

Physical Social Engineering

We’re experts at talking our way in, tailgating, and even circumventing digital locks to gain access to your network.

Telephone Social Engineering

Phones are increasingly being used to breach companies, and we will utilize similar tactics to assess the effectiveness of your security training.

Vulnerability Exploitation

Our red team uses advanced techniques to find and exploit system vulnerabilities with tools like Nmap and Metasploit. Leveraging our collective expertise, the Raxis Red Team consistently outperforms industry rivals, delivering superior results. Our reputation for excellence has led clients to engage us when other security firms fall short, solidifying our position as the go-to experts for challenging cybersecurity assessments.

Pivoting and Lateral Movement

Once we gain a foothold, we pivot laterally through your network using tools like Mimikatz and PAExec to expand reach and access sensitive materials.

Privilege Escalation

We will elevate privileges by leveraging methods such as misconfigured permissions, exploiting vulnerabilities in the kernel, and taking advantage of weaknesses in local accounts.

Harvesting Credentials

Upon gaining access, we’ll securely extract and analyze critical authentication data, including password hashes and digital certificates. This comprehensive approach allows us to identify potential vulnerabilities in your authentication mechanisms and provide targeted recommendations to enhance your overall security posture.

Password Hash Cracking

Leveraging our GPU-accelerated password recovery system running Hashcat, we’ll employ substantial dictionaries and advanced rules to crack as many hashed credentials as we can.

Password Analysis

The Raxis Red Team conducts a comprehensive analysis of your cracked passwords, delivering detailed insights into password strength and complexity. We provide actionable recommendations to enhance your overall password security posture, helping you implement better defenses against potential threats.

Search For The Goods

The Raxis Red team will comprehensively scan file shares, databases, and even local workstations to pinpoint the most critical information. This highlights the potential risk of a cyber attack, helping you justify budget allocation for security measures.

Exfiltrate Data

Once we identify the most vital components, we will demonstrate that we can extract data without physically removing anything from your network. This enhances the evidence of cybersecurity risk.

Test Detection and Response

Our simulated data exfiltration exercise tests your existing security controls, providing valuable insights to enhance your incident response capabilities. This process allows us to identify potential gaps in your defenses and offer targeted recommendations for strengthening your overall security posture against real-world threats.

Experience the Thrill of A Red Team

Red Team Operations Designed For You

Let’s Work Together

Many customers use our Red Team to test the effectiveness of their Blue Team. We’ll work closely with you to orchestrate a real world cyber attack to ensure everyone is ready when the real attack happens.

Real Vulnerability Exploitation

We’ll combine open source intelligence, dark web data, social engineering, our rock star pentesting team, and evasion techniques to safely test every aspect of your defense.

Safe, Blended Attacks

While our Red Team’s real-world cyber-attack is highly effective at finding gaps in your armor, we take precautions to ensure your systems and data remain safe during this controlled simulation.

Interface With Raxis One

Your interface to your Red Team engagement is through our online customer management portal, Raxis One. Securely communicate with your Red Team or download your comprehensive report.

Physical Security

In most of our Red Team assessments, physical security is deemed in scope to gain a full-inset view of every potential avenue of attack. We test physical security to ensure that intruders can’t gain access to your technology.

Experienced Professionals

Raxis’ Red Team brings decades of clandestine experience to bear against your defenses. Certifications include the OSCP, OSWE, C|EH, GPEN, and many others.

Request a Demo

The Digital Shoplifter

Raxis Hack Stories

Our stories are based on real events encountered by Raxis engineers; however, some details have been altered or omitted to protect our customers’ identities.

In a daring demonstration of cybersecurity vulnerabilities, the Raxis Red Team orchestrated a multi-stage attack that exposed critical weaknesses in a major retailer’s digital infrastructure. The operation began with our team targeting the company’s wireless network using the powerful Aircrack-ng suite. This versatile toolkit allowed us to capture the network’s encryption key during a routine handshake process and swiftly crack it using Hashcat’s advanced capabilities.

With network access secured, we obtained local system access and then pivoted to internal systems using CrackMapExec, a potent post-exploitation tool. We discovered a system protected by nothing more than a default password—a digital equivalent of leaving the keys in the ignition. This oversight became our gateway, allowing us to gain local administrator privileges. Using CrackMapExec’s –sam option, we dumped the local SAM hashes, further expanding our access.

Like master locksmiths, we moved from system to system, leveraging our newly acquired local admin rights. Eventually, we obtained a prized domain administrator hash. Overnight, our dedicated team worked tirelessly, using Raxis’ Hashcat multi-GPU system to break this high-value credential. Returning the next day, we validated our newfound domain administrative access, cementing our control over the retailer’s entire digital domain.

The crown jewel of our operation was the discovery of the application and database containing store-branded gift cards and PINs, along with the ability to generate new ones at will. This find not only highlighted the potential for financial exploitation but also underscored the critical importance of robust, multi-layered cybersecurity measures in today’s retail landscape.

Red Teams, Blue Teams, And Purple Teams, oh My!

The cybersecurity field has adopted the terms Red Teams, Blue Teams, and Purple Teams to categorize various methods of evaluating and enhancing an organization’s security. These teams – Red and Blue – and their collaborative efforts – the Purple Team – greatly contribute to the cybersecurity process.

F.A.Q.

Frequently Asked Questions

Why perform Red Teaming?

At Raxis, our Red Team takes your cybersecurity to the next level by simulating real-world hacker attacks. We use our expertise to evaluate your physical locations and operational systems, identifying any potential weaknesses that could put your organization at risk. Our team is made up of top professionals with a wealth of experience, ensuring that you receive the most accurate and comprehensive Red Team Assessment. Whether you’re a multinational corporation or a small business, our services can help you protect your valuable data and assets.

Should I wait to fix known issues before performing a Red Team test?

If you have implemented security upgrades that are nearing completion, it would be advisable to schedule a red team test afterwards in order to thoroughly test the effectiveness of your changes. However, in most cases, the best time to conduct a red team test is in the present. If your system has any known issues that have not yet been addressed, it may be due to budget constraints. In such cases, a Raxis red team can provide tangible evidence to your management team to demonstrate the urgency of these changes. Perhaps you have been delaying certain changes that may seem insignificant, but a Raxis Red Team will highlight how these seemingly minor vulnerabilities can combine to create a significant weak spot, giving hackers greater access than you may have anticipated.

What does it mean for a Red Team Assessment to be in timebox?

Though malicious hackers may have endless opportunities to try and infiltrate your systems, our Red Team Assessments are limited to a set amount of time, known as a timebox. Once the assessment is completed, we provide a report detailing Raxis’ accomplishments during the allotted time and recommendations on how you can better protect your environment against similar attempts by malicious hackers.

How often should I perform a Red Team Assessment?

In today’s rapidly evolving technological landscape, it is crucial for companies to stay ahead of the curve when it comes to cybersecurity. That’s why Raxis highly recommends conducting a Red Team Assessment at least once a year. This thorough analysis will help uncover any vulnerabilities that may have gone undetected and allow your company to take proactive measures to strengthen its security. Furthermore, it is crucial to follow up with a penetration test 4-6 months after a Red Team to ensure that any identified weaknesses have been properly addressed. With Raxis by your side, you can rest assured that your company’s defenses are continuously being tested and strengthened to protect against potential breaches.

Is there a benefit to changing Red Team or Penetration Testing companies?

Although we do occasionally collaborate with organizations that adhere to this mindset, we are of the opinion that it is flawed. The concept proposes that various pentesters possess diverse backgrounds and capabilities, yet all pentesting companies are not equal. At Raxis, our pentesters possess impeccable credentials and expertise, continuously collaborating and exchanging cutting-edge information on emerging risks and breaches. Unfortunately, not all of our competitors can make the same claim. We strongly advocate for companies to seek out a reputable pentesting company like Raxis and entrust them to conduct thorough assessments year after year.

Is Red Teaming even legal? Do you ever break the law?

We prioritize following all legal regulations to the letter. Raxis contractual agreements are carefully crafted to clearly outline permissible actions versus actions that are not permitted. One of our core principles is to never intentionally damage or disrupt our clients’ systems. Instead, we strive to provide real-world examples of how a skilled hacker could infiltrate their defenses and educate our customers on methods to fortify their security. While some employees of our customer’s organization may not be fully aware of our activities, our customer management team is always fully involved and in support of our efforts.

Are there rules that Pentesters or Red Team Members follow?

At Raxis, our top priority is ensuring your system uptime and data integrity. Unlike malicious attackers, our thorough penetration tests are designed to stop short of causing any real damage. We take great care to obscure any data we gather as proof of access. Our team will also adhere to any parameters set by our clients, while still pushing the boundaries and exploring the limits of their systems’ security. We believe in providing reliable and effective penetration testing services to help protect your business from potential cybersecurity threats.

My application is cloud hosted. How can you penetration test/Red Team a platform that is hosted in the cloud or by a third party?

Once the scope has been determined and finalized, we collaborate directly with cloud providers to give them clear and accurate information about our actions and intentions. At Raxis, we have successfully completed a myriad of tests on various cloud platforms such as Amazon AWS/EC2, Microsoft Azure, Google Cloud, Rackspace, and VMWare cloud. We have also gained a great deal of experience working with content delivery front ends like CloudFlare and Akamai. Whether it is highly advanced virtualization technologies or traditional setups, our experts at Raxis are prepared to properly perform your Red Team Assessment.

Why do you download and crack password hashes?

If no specific instructions have been given, our team will attempt to crack passwords as part of our evaluation process to gauge the effectiveness of password policies and enforcement. This may also involve using compromised passwords to access other systems, resulting in a simulated data breach on a larger scale. Raxis takes precautions to safeguard the hash data through strong encryption when it is stored and in transit. After completing the password cracking task, we will securely delete the password hashes and provide you with a summarized report, which will include information on password strength, complexity, and analysis. In a Red Team Assessment, password cracking plays a crucial role in showcasing a genuine attack scenario.

Why use the Raxis team for your Red Team Assessment

The Raxis Red Team is known for their unparalleled ability to identify real-life security threats through the use of techniques and tools employed by malicious attackers. Comprised of highly experienced members, most of whom boast at least 10 years of experience in performing cyber attacks, our team operates primarily out of Atlanta, GA. Our forte lies in pentesting, a crucial element of Red Teaming, and we strive to stay updated with the latest tactics to bypass various technological defenses. The Raxis crew is constantly broadening their knowledge on the most recent exploits to ensure we always offer a state-of-the-art simulation for our customers.