[CDP-development] CISA Releases New Red Team Tool – RedEye   

Masse, Theresa theresa.masse at cisa.dhs.gov
Fri Oct 14 08:00:46 PDT 2022


FYSA



Today, CISA released RedEye, an interactive open-source analytic tool for use by Red Teams to visualize and report command and control activities. This tool was developed in partnership with the Department of Energy Pacific Northwest National Lab. It allows a Red Team operator to quickly assess complex data associated with an engagement or penetration test (pen test), evaluate mitigation strategies, and enable effective decision making to strengthen an organization's cybersecurity posture.



RedEye will intake Cobalt Strike logs from a pen test or Red Team engagement that uses Cobalt Strike. With this information, the tool will arrange logs to be easily queried and display them in a graphical, timeline format. RedEye also parses logs and presents the data to each operator. Operators can then tag and add comments to the activities in the tool, which can then be used in a presentation mode to present findings and workflow to stakeholders.

Using this tool, Red Teams can quickly organize information and communicate findings, key events, and penetration paths, which without this tool would be a manual process scrolling through thousands of lines of text.
For more information, CISA encourages users to review RedEye on GitHub <https://github.com/cisagov/RedEye/> and watch CISA’s RedEye tool overview video <https://www.youtube.com/watch?v=b_ARIVl4BkQ>.

Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov
