Use Cases

Identifying Internal Security Gaps With Red Teaming

Red team engagements are the best way of testing your organization with a full "Cyber Kill Chain" approach. However, red team engagements require highly skilled experts, many different tools, and time. That's why you can't run them at short intervals, which leaves you vulnerable until the next red team engagement.

  • Tear Drop's machine-learning-backed algorithm analyzes your Windows domain network and creates the best attack paths like a real hacker. It extracts credentials, moves laterally around the domain network, detects valuable data and reports all important points. Tear Drop enables the organization to close all the security gaps before a real attack occurs.

Analyzing Performance of Your Defensive Security Solutions

Organizations around the world are investing billions of dollars in defensive security solutions to protect their critical assets. However, when we look at APT group attacks, those solutions are not enough to hold attackers back. Organizations can't know if their defensive solutions are good enough until a real attack occurs.

  • You can test your defensive solutions' capabilities with Tear Drop's Adversary Simulation module. Tear Drop includes different MITRE ATT&CK™ techniques for Windows, Linux and macOS operating systems. Scenarios specific to 15+ different APT groups are included in Tear Drop too. We leverage the Tear Drop intelligence team to keep pace with changes in the tactics that different adversary groups use to target organizations.

Defending Against Phishing E-mails

Email is an essential part of our everyday communications. It is also one of the most common methods that hackers use to attempt to gain access to your network. More than 90% of data breaches start with a phishing attack. Despite record investments in cyber security technology, phishing attacks still work! Organizations can't know if their phishing e-mail protection mechanisms work until a real attack occurs.

  • Tear Drop provides almost everything that can be helpful for phishing e-mail assessments. You can find your company e-mail addresses on public websites with the "E-mail Harvester" tool. You can use our integrated domain names and e-mail templates for your phishing campaigns. Check which employee(s) have opened your malicious attachment. If anybody did, you can start a fully automated red team engagement on the network.

Discovering Internal and External Assets

Large organizations usually lose track of their servers, endpoints and various other machines. They can't know what kinds of services they are running or whether those services are up to date. Even worse, sometimes their assets are exposed to the public internet without their knowledge. It's a big problem, since attackers are looking for vulnerable machines on the internet every day.

  • Tear Drop helps you discover your internal or internet-facing (external) assets easily. It detects machines, the services running on them and their versions, and provides you with screenshots from them. With its Shodan integration, you don't have to scan your external IP range. Just use Tear Drop's simple interface to query your external IP range and get results in seconds.

Penetrating Your Vulnerabilities

Vulnerability assessment has become a mainstream activity for almost every organization. Organizations use software such as Nessus, Nexpose and OpenVAS to find vulnerabilities in their infrastructure, but they can't be sure whether those vulnerabilities are exploitable. If they are exploitable, what are the risks and impacts? To answer these questions, they need to work with penetration testing specialists. But penetration testers need a lot of time and different tools to complete their mission. Therefore, organizations can't know their risks on a daily basis.

  • Tear Drop's "Smart Exploitation Module" identifies vulnerabilities and safely exploits them where possible. If you already use vulnerability scanners like Nessus, Nexpose or OpenVAS, just upload their reports to Tear Drop and check which vulnerabilities are exploitable. After exploitation finishes, the post-exploitation part starts. If you want to take the wheel, Tear Drop provides you with lots of one-click post-exploitation modules. If you don't, just start an automated red team engagement and Tear Drop handles the rest.

Identifying PII Data Around Your Organization

Organizations usually keep PII data securely in well-protected databases. However, they usually don't consider the data located inside Office documents and text files on their employees' computers. Hackers target those local files to cause reputation damage.

  • Tear Drop automatically detects PII data on endpoints during a red team engagement. It reports what kind of data is found on which computer and in which file. Only masked data reaches Tear Drop's server. Therefore, the tester can't see the real PII data.