Infrastructure provisioning, domain registration, and aging. - Tooling development, testing, and validation against CrowdStrike in a lab environment. - Target reconnaissance and phishing pretext refinement. - Operational readiness review with red team manager.