RTW Methodology
The RedTeamer.wiki methodology (RTW) is built around three fundamental principles that reflect the operational lifecycle of real-world adversaries:
- Get In → Establish initial access.
- Stay In → Maintain presence and evade detection.
- Act → Execute mission objectives.
This model distills the essence of Red Teaming: not just exploiting vulnerabilities, but simulating persistent, realistic, and goal-oriented adversary behavior.
Why This Model?
- Simplicity: Clear structure for planning and communication.
- Realism: Inspired by how advanced threat actors operate.
- Coverage: From entry to persistence and mission impact.
Overview
Get In
The entry point: phishing, exploiting exposed services, supply chain, or physical access.
Focus: stealthy initial compromise that mirrors real adversaries.
Stay In
Once inside, maintaining a foothold without triggering alarms.
Focus: persistence, privilege escalation, lateral movement, and OPSEC.
Act
Carrying out the objectives: data access, exfiltration, domain dominance, or impact scenarios.
Focus: mission success and clear reporting to improve defensive posture.