MCP.directory

red-team-tactics

by davila7
37
2
Source

Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.

Install

mkdir -p .claude/skills/red-team-tactics && curl -L -o skill.zip "https://mcp.directory/api/skills/download/804" && unzip -o skill.zip -d .claude/skills/red-team-tactics && rm skill.zip

Installs to .claude/skills/red-team-tactics

About this skill

Red Team Tactics

Adversary simulation principles based on MITRE ATT&CK framework.

1. MITRE ATT&CK Phases

Attack Lifecycle

RECONNAISSANCE → INITIAL ACCESS → EXECUTION → PERSISTENCE
       ↓              ↓              ↓            ↓
   PRIVILEGE ESC → DEFENSE EVASION → CRED ACCESS → DISCOVERY
       ↓              ↓              ↓            ↓
LATERAL MOVEMENT → COLLECTION → C2 → EXFILTRATION → IMPACT

Phase Objectives

PhaseObjective
ReconMap attack surface
Initial AccessGet first foothold
ExecutionRun code on target
PersistenceSurvive reboots
Privilege EscalationGet admin/root
Defense EvasionAvoid detection
Credential AccessHarvest credentials
DiscoveryMap internal network
Lateral MovementSpread to other systems
CollectionGather target data
C2Maintain command channel
ExfiltrationExtract data

2. Reconnaissance Principles

Passive vs Active

TypeTrade-off
PassiveNo target contact, limited info
ActiveDirect contact, more detection risk

Information Targets

CategoryValue
Technology stackAttack vector selection
Employee infoSocial engineering
Network rangesScanning scope
Third partiesSupply chain attack

3. Initial Access Vectors

Selection Criteria

VectorWhen to Use
PhishingHuman target, email access
Public exploitsVulnerable services exposed
Valid credentialsLeaked or cracked
Supply chainThird-party access

4. Privilege Escalation Principles

Windows Targets

CheckOpportunity
Unquoted service pathsWrite to path
Weak service permissionsModify service
Token privilegesAbuse SeDebug, etc.
Stored credentialsHarvest

Linux Targets

CheckOpportunity
SUID binariesExecute as owner
Sudo misconfigurationCommand execution
Kernel vulnerabilitiesKernel exploits
Cron jobsWritable scripts

5. Defense Evasion Principles

Key Techniques

TechniquePurpose
LOLBinsUse legitimate tools
ObfuscationHide malicious code
TimestompingHide file modifications
Log clearingRemove evidence

Operational Security

  • Work during business hours
  • Mimic legitimate traffic patterns
  • Use encrypted channels
  • Blend with normal behavior

6. Lateral Movement Principles

Credential Types

TypeUse
PasswordStandard auth
HashPass-the-hash
TicketPass-the-ticket
CertificateCertificate auth

Movement Paths

  • Admin shares
  • Remote services (RDP, SSH, WinRM)
  • Exploitation of internal services

7. Active Directory Attacks

Attack Categories

AttackTarget
KerberoastingService account passwords
AS-REP RoastingAccounts without pre-auth
DCSyncDomain credentials
Golden TicketPersistent domain access

8. Reporting Principles

Attack Narrative

Document the full attack chain:

  1. How initial access was gained
  2. What techniques were used
  3. What objectives were achieved
  4. Where detection failed

Detection Gaps

For each successful technique:

  • What should have detected it?
  • Why didn't detection work?
  • How to improve detection

9. Ethical Boundaries

Always

  • Stay within scope
  • Minimize impact
  • Report immediately if real threat found
  • Document all actions

Never

  • Destroy production data
  • Cause denial of service (unless scoped)
  • Access beyond proof of concept
  • Retain sensitive data

10. Anti-Patterns

❌ Don't✅ Do
Rush to exploitationFollow methodology
Cause damageMinimize impact
Skip reportingDocument everything
Ignore scopeStay within boundaries

Remember: Red team simulates attackers to improve defenses, not to cause harm.

More by davila7

View all skills by davila7

software-architecture

davila7

Guide for quality focused software architecture. This skill should be used when users want to write code, design architecture, analyze code, in any case that relates to software development.

522184

planning-with-files

davila7

Implements Manus-style file-based planning for complex tasks. Creates task_plan.md, findings.md, and progress.md. Use when starting complex multi-step tasks, research projects, or any task requiring >5 tool calls.

84105

scroll-experience

davila7

Expert in building immersive scroll-driven experiences - parallax storytelling, scroll animations, interactive narratives, and cinematic web experiences. Like NY Times interactives, Apple product pages, and award-winning web experiences. Makes websites feel like experiences, not just pages. Use when: scroll animation, parallax, scroll storytelling, interactive story, cinematic website.

13087

humanizer

davila7

Remove signs of AI-generated writing from text. Use when editing or reviewing text to make it sound more natural and human-written. Based on Wikipedia's comprehensive "Signs of AI writing" guide. Detects and fixes patterns including: inflated symbolism, promotional language, superficial -ing analyses, vague attributions, em dash overuse, rule of three, AI vocabulary words, negative parallelisms, and excessive conjunctive phrases. Credits: Original skill by @blader - https://github.com/blader/humanizer

11457

game-development

davila7

Game development orchestrator. Routes to platform-specific skills based on project needs.

15249

2d-games

davila7

2D game development principles. Sprites, tilemaps, physics, camera.

14448

You might also like

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

1,6771,424

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

1,2511,311

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

1,5211,142

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

1,344805

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

1,255723

pdf-to-markdown

aliceisjustplaying

Convert entire PDF documents to clean, structured Markdown for full context loading. Use this skill when the user wants to extract ALL text from a PDF into context (not grep/search), when discussing or analyzing PDF content in full, when the user mentions "load the whole PDF", "bring the PDF into context", "read the entire PDF", or when partial extraction/grepping would miss important context. This is the preferred method for PDF text extraction over page-by-page or grep approaches.

1,463673

Related MCP Servers

Browse all servers
Spec-Driven DevelopmentSpec-Driven Development

Streamline your team software process with Spec-Driven Development, optimizing the software development life cycle using

199 tools
Feishu ProjectFeishu Project

Automate requirement analysis, bug tracking, and task management in Feishu with powerful project management automation t

50 tools
AnsibleAnsible

Empower automation using Ansible Tower MCP Server—AI-ready, Docker support, and seamless orchestration for advanced work

20 tools
Chrome MCPChrome MCP

Chrome extension-based MCP server that exposes browser functionality to AI assistants. Control tabs, capture screenshots

10,6750 tools
Desktop Commander MCPDesktop Commander MCP

Terminal control, file system search, and diff-based file editing for Claude and other AI assistants. Execute shell comm

5,6310 tools
Claude ContextClaude Context

Claude Context offers semantic code search and indexing with vector embeddings and AST-based code splitting. Natural lan

5,5770 tools