Red team assessments are distinct from penetration tests in many ways, typically in assessment duration, tradecraft sophistication, and level of active incident response. If the assessment is so different, why would you want to use the same attack infrastructure you’d use on a penetration test? This talk will cover how to design and leverage an effective covert attack infrastructure. I’ll cover practical design considerations, demonstrate covert attack infrastructure concepts, and provide sample attack infrastructures. This talk will not cover the nitty-gritty HOW aspect of infrastructure deployment, focusing instead on the WHAT and WHY aspects.