Time Table

While the importance of Red Team exercises has been increasing in recent years, the process of developing attack scenarios, preparing tools, and building execution environments requires a significant amount of time and effort. This poses a major challenge that limits the frequency and quality of exercises.

To address these challenges, we have developed “GHARF,” an innovative framework that applies the mechanisms of Continuous Integration / Continuous Delivery (CI/CD) to Red Team operations, enabling efficient exercise execution.

This tool automates various phases, from the development of simulated attacks to their preparation and execution, by applying the CI/CD build and delivery mechanisms to Red Team operations. This significantly improves the efficiency of Red Team operations and enables rapid operational cycles. We call this concept “Continuous Attack Integration / Continuous Attack Delivery, Deployment (CAI/CAD).”

Tools offering similar functionalities include MITRE CALDERA and Atomic Red Team, which are categorized as BAS (Breach and Attack Simulation) tools. These tools aim to reduce Red Team workload and enable self-assessment by Blue Teams through the automation of simulated attacks. In contrast, GHARF is characterized by its focus on improving the efficiency of Red Teams themselves when conducting operations. Our approach aims to optimize the process for Red Teams to pursue more advanced and practical attack scenarios.

GHARF, at present, is limited to conveying the concept from an ethical perspective. However, we believe that by presenting concrete examples of CAI/CAD through this presentation, this concept will spread and contribute to the further development of the Red Team field.

Details of the tool are available in the README of the GitHub repository below. Please refer to it.

https://github.com/nttcom/gharf