Systems targets
Manage all the Systems Targets of the company
During an attack simulation, the Attack Vector establishes connections with each System Target to execute the events. Commands, programs, or tools are launched on the Target System to accurately replicate the attackers' behaviors.
A System Target can be a physical or virtual server or workstation running a Windows, Linux, or macOS operating system.
For the best results, System Targets must be representative of the defenses in place, based on what is commonly used (EDR, antivirus, SIEM integration, etc.).
System Targets list
This list provides all information about your System Targets:
- Operating system
- Name
- IP address
- Authentication type
- Username
- Last connection test status from an Attack Vector
- If its assigned to a campaign
To facilitate the use of this list, several features are available:
- Display order
- Application of filters: OS, authentication type and if assigned or not
- Search field
Create a System Target
Check the Setup section titled "2) Add a System Target" in this documentation for more information on what you need and how to configure such assets.
From the Resources > System Targets page, click the
Create a system target button in the top right corner.Provide the essential information for your System Target by giving:
- Name for identification in the BlackNoise application
- The IP address
- The OS type
You can then select from various authentication methods based on the chosen OS type. This authentication information is essential for the Attack Vector to connect to the System Target and execute the simulation events.
As an option, you can directly test the connection to the target. Enable the switch
Launch a connection test before creating the system target and select your chosen Attack Vector and access protocol. In this case, the target will be created only if the test is validated.
Edit a System Target and test its connection
The name of a target is only an alias. You can change it as you want by clicking on a target and accessing its details view.
You can also modify the username and/or the password (or key) used to connect to the target by using the
Update credentials button.This screen also allows you to test the connection to the target by selecting an Attack Vector of your choice and the connection protocol. This makes it possible to validate that the flows are open, that the required service is active, and that the credentials are valid.
This sketch cannot currently be displayed in exports
For information regarding the campaign perimeter and the connection between Attack Vector and System Target, kindly consult our FAQ:
How does the Attack Vector connect to the System Targets to execute the events?
Need help to enable and test WMI access from BlackNoise Attack Vector to your Windows System Target?