Welcome to RedMimicry, your semi-automated solution for breach and attack emulation. RedMimicry empowers you to test cyber defenses against realistic attacks, modeled after the latest threats.

Key Features

RedMimicry is designed for efficiency and ease of use, reducing the need for specialized offensive security engineering.

  • Comprehensive: Conduct regular and efficient tests of your cyber defense systems and Security Operations Centers (SOCs).
  • Realistic Threat Emulation: Uses Tactics, Techniques, and Procedures (TTPs) comparable to those of actual threats, such as LockBit.
  • Repeatable Test Scenarios: Test endpoints with minimal additional effort in a repeatable manner.
  • User-Friendly Interface: Navigate with ease through a web interface designed for intuitive use.
  • Frequent Updates: Stay ahead with updates on emerging threat scenarios.
  • Scalable: Choose the deployment that best meets your needs: an on-premises option for maximum control over your information, with a hosted SaaS offering coming soon.

Use Cases

RedMimicry serves security consultancies, penetration testers, and enterprise customers with its versatile scenario range. It challenges endpoint and network-based defenses as well as SOC teams at all skill levels. Customers use RedMimicry to evaluate the effectiveness of existing security measures and to create realistic training scenarios for security analysts.

Scenario Example: LockBit Ransomware Attack

RedMimicry’s scenarios, like the LockBit ransomware attack simulation, offer realistic assessments of your cyber defenses.

One exemplary scenario available on the RedMimicry platform simulates a LockBit ransomware attack targeting a Windows client. It starts with a deceptive “Fake Browser Update” download, a common method for gaining initial access that mirrors the strategies used by the SocGholish malware. The attack unfolds through several detailed steps:

  1. Initial Access: The attack begins with the delivery of a ZIP file containing loader malware through a website using HTML smuggling, disguised as a browser update.
  2. Execution and Persistence: Upon execution, the signed EXE from the ZIP sideloads an unsigned DLL, and the malware establishes persistence on the system by manipulating files and startup procedures.
  3. Host Enumeration and Data Theft: The scenario performs host enumeration and data theft using PowerShell commands and an infostealer tool.
  4. Encryption: The attack concludes with the encryption of files on the target system.

Stay Up to Date About RedMimicry

For the latest on product releases and to participate in our scheduled demonstration webinars with Q&A sessions, we invite you to subscribe below.

→ Get Notified