A “Red-Team” drop box is a small, innocuous computer designed to be implanted on a target’s internal network during a physical penetration test. Once a pentester has gained physical access to the facility, they can install the drop box, providing encrypted backdoor access to the target’s internal network, as well as a full suite of pentesting tools.
These devices can also be used outside of full-scale Red-Team assessments. For example, a pentesting firm might ship a drop box to a client, enabling the firm to perform vulnerability assessments and network penetration tests remotely.
In this tutorial, we’ll create a basic drop box, using a Raspberry Pi and Kali Linux, with three methods for Command and Control (C&C):