Cyber Attack Simulation

Cyber Attack Simulations, also called Red Team Engagements, are highly targeted assessments that aim to compromise critical data assets in your network, leveraging the vast scope an external attacker would have. Unlike a traditional penetration test, in which our penetration testers attempt to find and exploit any possible vulnerabilities in a defined scope, such as a web application, these engagements simulate a genuine cyber-attack on your organization.

A leader in these sophisticated campaigns, we have developed a world-class team of offensive security testers and researchers.

What is a Cyber Attack Simulation?

A Cyber Attack Simulation is an effective demonstration of the tangible risk posed by a dedicated and very persistent attacker, sometimes also called an advanced persistent threat (APT). In a Cyber Attack Simulation, the test team are instructed to compromise predetermined assets, using any and all means that a malicious actor might utilize in a legitimate attack. These comprehensive and complex security assessments are best suited for companies looking to improve a maturing security organisation.

Why are Cyber Attack Simulations Important?

Simulating a Cyber Attack is important in a number of ways. By harnessing this unique combination of attack capabilities, it helps clients learn the attack process to compromising critical business assets. Our team can discover where vulnerabilities exist in your network, applications, IoT devices, and personnel that you may well not find during traditional infrastructure or web application penetration tests. Performing a Cyber Attack Simulation can also determine the effectiveness of your security monitoring and alerting capabilities, as well as weaknesses in your incident response policy and procedures.

The demonstrated impact from the attack simulation reveals a much larger picture that will aid your organisation in the prioritisation and planning of your future security initiatives.

Cyber Attack Simulation Methodology


Penetration testing is normally concerned with which assets to include in scope. However, with a simulated cyber attack, or red team engagement, we aim to compromise critical business assets. The scoping process defines areas to exclude from the assessment. This is broken down into a few steps:

  • Compile a list of attack goals to be realised during the assessment
  • Put together a “Rules of Engagement” document that outlines the specific activities that are allowed. These might include aspect such as on-site social engineering and physical ingress, wireless attacks and other techniques
  • Document exclusions from the attack surface, such as certain known IP addressess that may be super critical or unstable, applications, and personnel
  • Confirm the official testing period and timezones, as well as what the attack source IP's will be
  • Acquire a letter of authorisation for any on-site activities

Download our Brochure

Our Cyber Attack Simulations include bespoke and highly customised attack scenarios based on real-world tactics that actual attackers are using. Download our brochure to understand how a goal-focused approach can reveal deeper security weaknesses.

Download our Brochure

Information Gathering and Reconnaissance

The initial work done in any black-box assessment is information gathering. It combines a myriad of Open Source Intelligence (OSINT) resources for gathering data on the target organization, and it is critical to the operation. Aggregating both public and private methods of intelligence gathering allows the team to develop an early structure for a plan or attack. The following are some examples of information we target during reconnaissance:

  • External network IP range, hosting providers, and open ports or services
  • Web and/or mobile applications, along with associated API endpoints
  • Personnel identities, email addresses, phone numbers, and subsequent data (like social media profiles)
  • Previously breached credentials and other information sources
  • IoT and various embedded systems in use by the organization

Mapping and Planning of Attack

After completing all initial information gathering, the process transitions to mapping our strategy and attack methodology. The approach varies widely, dependent on our intel from the previous stage and the developed footprint. These steps may include:

  • Enumerating subdomains hidden environments, and prepping applications
  • Analyzing cloud services for possible misconfigurations
  • Checking authentication forms for weak or default credentials
  • Correlating network and web applications to publicly- and internally-known vulnerabilities
  • Mapping any identified vulnerabilities for potential manual attack-vectors
  • Crafting social-engineering pretext scenarios

Executing Attack and Penetration

The variety of information gathered in the beginning phases lay the foundation for a whole host of attack options across all relevant vectors. These attack options may include the following:

  • Attacking services with previously mapped vulnerabilities from the previous phase
  • Compromising testing systems or sandboxes (often have fewer security protections)
  • Accessing any servers using breached credentials or brute force
  • Targeting personnel using various social engineering techniques
  • Combining attack vectors such as exploiting client-side vulnerabilities via phishing emails

Reporting and Documentation

Reporting is critical to understanding the value you receive from a Red Team engagement. Our reports are the best in the industry. Each is customized to the specific scope of the engagement and outlines any perceived vulnerabilities discovered. The reports are designed to be easily digestible but complete in the findings, giving both the exploitation likelihood and potential impact for each vulnerability. In addition, each vulnerability includes a remediation strategy for mitigating the risk associated with the vulnerability.

Explore the Demo Portal

Use the link in the top right to log into the portal. The credentials are:

Password: Demo-Password-2021


Hedgehog Security places great emphasis on the quality, reliability, and security of the services it offers. We are fully regulated by CREST, the Council for Regitered Ethical Security Testers and are authorised to deliver Cyber Security Consulting along with Penetration Testing, Vulnerability Scanning and IT Health Checks.

Cyber Security Consulting

Get in Touch

Kindly fill the form and we will get back to you.

Contact us if you are experiencing a Cyber IncidentHaving a Cyber Incident?