Purple Team
Here are Purple Team validation use cases — scenarios where Red Team tactics are directly used to test or validate Blue Team defenses (SIEM, IDS/IPS, EDR, etc). Each use case includes the Red Team action, the expected Blue Team detection, and the log/artifact source
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Credential Dumping (LSASS Access)
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Brute-Force Login Attack
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Phishing + Payload Execution
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Suspicious PowerShell (Living off the Land)
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Lateral Movement (WMI, PsExec)
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
DNS Tunneling
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Reverse Shell via HTTP/S
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Malware Dropper Detection
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Command & Control (C2) Persistence
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Data Exfiltration over HTTPS
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Purple Team Playbook
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Purple Team Curriculum
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Scapy
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
LOIC / HOIC
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
SQLmap
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Aircrack-ng
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Hydra
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Bettercap
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
CrackMapExec
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
sshuttle
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Covenant
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Social-Engineer Toolkit
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
John the Ripper (JTR)
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates
Beginner
Host Discovery
Port Scanning
Service Version Detection
OS Fingerprinting
Quick Scan
Advanced
Our architecture services prioritize function and form to create spaces that stand the test of time.
Empire / Starkiller (PowerShell-based C2)
Beginner
SYN Scan (Stealth)
UDP Scan
Idle Scan (Zombie)
Fragment Packets
Timing Templates