Operational tradecraft is generally cultivated with a specific goal in mind. While playing competitive wargames, you will most likely be focused on evading detection and on not putting elements of your toolkit (infrastructure, exploits) at risk of inadvertent exposure.
- Post-Exploitation and Operational Security
- A Brief History of CTF and Tradecraft
- Operational Use of Offensive Cyber
Evaluate the operational tradecraft displayed during the following campaigns. Each design decision employed in these tools and campaigns has an operational philosophy behind it.
Some things to think about while evaluating tradecraft:
- Why did the actor choose to perform/implement X action/capability?
- Were any mistakes made? Was a decision flawed or shortsighted in some way?
- Was an action/capability anomalous? Does it fit with the rest of the operational philosophy?
- What was the actor most interested in protecting? (e.g., tools, identities, employers)
- What can be learned from each campaign from an attacker's standpoint? From a defender's standpoint?
There are few public examples of groups or organizations that discuss their own tradecraft. The AMAs below provide a rare glimpse into how extraordinarily talented groups operate.