2) Add a Target System

This component is the target of the events executed. You will assign those targets during the campaign creation process.

During an attack simulation, the Attack Vector establishes connections with each Target System to execute events. Commands, programs, or tools are launched on the Target System to accurately replicate the attackers' behaviors. For more details, visit  this link .
A Target System can be a physical or virtual server or workstation running a Windows, Linux, or macOS operating system.
Best Practices: For the best results, Target Systems must be representative of the defenses in place, based on what is commonly used (EDR, antivirus, SIEM integration, etc.).


A) Create a Target System

    From the Resources > Target Systems page, click the Create a target system button in the top right corner.
    Provide the essential information for your Target System by giving:
  • Name for identification in the BlackNoise application
  • The IP address
  • The OS type
    You can then select from various authentication methods based on the chosen OS type. This authentication information is essential for the Attack Vector to connect to the Target System and execute the simulation events. Therefore, you must provide the required credentials to enable this connection.
  • For Windows OS: local account or domain account
  • For Linux and macOS: local account with login & password or key

The Attack Vector connects to each Target System using the login details from this screen to carry out the BlackNoise events. Commands, programs, or tools are run on the Target System to mimic the attackers' actions. Various protocols can be used for this:
- WMI for Windows
- SSH for Linux and macOS

For information regarding the connection between Attack Vector and Target System, kindly consult our FAQ:
- How does the Attack Vector connect to the Target Systems to execute the events?
- Need help to enable and test WMI access from BlackNoise Attack Vector to your Windows Target System?

We invite you to test the connection between the Attack Vector and each Target System before launching a simulation to ensure that the flows are open and that the credentials are correct.

Some scenarios require specific accounts and privileges, these prerequisites are specified in the description of the scenarios.