red-team-engagement

What problem does it solve?

It helps you plan, scope, and execute an authorized red-team engagement to validate whether your organization can detect, respond to, and contain adversary behavior—going beyond vulnerability discovery to test real defenses.

Core Features & Use Cases

• Authorization-gated planning and execution: Requires explicit written authorization, defined scope, success criteria, and deconfliction contacts before any assistance proceeds.
• Engagement lifecycle coverage: Guides pre-engagement scoping, recon/intelligence planning, ATT&CK-emulation execution, and structured debrief/reporting.
• Assumed-breach and purple-team models: Supports externally scoped, assumed-breach, and purple-team workflows with appropriate emphasis on learning and detection coverage.
• Dual-use safety boundaries: Refuses unauthorized targeting, discourages destructive activity by default, and uses synthetic markers instead of real customer-data exfiltration.

Quick Start

Use the red-team-engagement skill to create an engagement plan and RoE by describing your authorized target, in-scope assets, time window, assumed-breach starting point (if applicable), success criteria, and the deconfliction contact.