# Philosophy ### The Benefits of Internal Red Teaming In response to a Twitter thread regarding if companies budget for 100s of hours consulting fees in prolonged engagements, MG said the following: One advantage of internal red teaming is that the $/hr isn't a focus. Rather, it becomes about lining up outcomes and value to a specific target, which is also hard to argue for without the more intimate internal relationships. Most companies aren't ready for this kind of thing like most aren't ready for having an 0day used during an operation. If you can't fend off the techniques being successfully run against tons of other companies, it's inappropriate to throw your money at fighting several classes above your weight. ### Initial Access Per Justin Elze, not many classes exist that are represnetative of 6-12 week red team engagements. Recon both pre and post exploitation is limited with AD being "run bloodhound in dc only", Linux, more complicated phishing, and avoiding being burned to the ground by IR. The hardest thing these days is initial access with clients who actually learn and improve from red teaming. Most places are trying to test orgnic detection and response by not telling anyone in defense besides some managers or directors. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ttp.parzival.sh/red-teaming/philosophy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.