802.1X Bypass to Ghost Pine AFB Outage
Reference scenario for end-to-end adversary-emulation and defensive validation
Experiments
Scenario library for adversary emulation and detection validation
This section documents adversary-emulation scenarios as repeatable validation cases.
Each experiment is intended to answer four practical questions:
- What behavior is being tested?
- What telemetry should make it visible?
- Which detections should respond?
- What changed after the validation run?
Credential Access Validation
Experiment focused on host telemetry, detection logic, and follow-on misuse
Lateral Movement Observability
Experiment focused on host and network visibility during east-west movement