Hands-On Red Team Tactics: A practical guide to mastering Red Team operations - Couverture souple

Sharma, Himanshu; Singh, Harpreet

 
9781788995238: Hands-On Red Team Tactics: A practical guide to mastering Red Team operations

Synopsis

Your guide to learning and implementing red team tactics effectively

Key Features

  • Target a complex enterprise environment in a red team activity
  • Detect threats and respond to them with a real-world cyber attack simulation
  • Explore advanced penetration testing tools and techniques

Book Description

Cybersecurity red teaming is used to enhance security by performing simulated attacks on an organization to detect network and system vulnerabilities. This book starts with an overview of pentesting and red teaming, and introduces you to some of the latest pentesting tools. You'll then explore Metasploit and get to grips with Armitage. Once you've studied the fundamentals, you'll learn how to use Cobalt Strike and set up its team server.

Hands-On Red Team Tactics covers some lesser known techniques for pivoting and helps you pivot over SSH, before using Cobalt Strike in a monitored environment. This guide demonstrates advanced post-exploitation methods and introduces you to Command and Control (C2) servers and redirectors, which will help you keep your team severs from getting detected. You'll achieve persistence using beacons and data exfiltration, and understand how to use red team activity tools, such as Empire, on Active Directory and Domain Controller. Furthermore, you'll be able to maintain persistent access, stay untraceable, and get reverse connections over different C2 covert channels.

By the end of this book, you'll be well versed with advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation.

What you will learn

  • Get started with red team engagements using less common methods
  • Explore a variety of post-exploitation techniques
  • Get acquainted with all the tools and frameworks included in the Metasploit framework
  • Discover how you can gain stealth access to systems via red teaming
  • Understand the concept of redirectors to add further anonymity to your C2
  • Work through a range of uncommon data exfiltration techniques

Who this book is for

Hands-On Red Team Tactics is for you if you are an IT professional, pentester, security consultant, or ethical hacker interested in the IT security domain and want to go beyond penetration testing. Prior knowledge of penetration testing will assist with understanding key concepts covered in this book.

Table of Contents

  1. Red-Teaming and Pentesting
  2. Pentesting 2018
  3. Foreplay - Metasploit Basics
  4. Getting Started with Cobalt Strike
  5. ./ReverseShell
  6. Pivoting
  7. Age of Empire - The Beginning
  8. Age of Empire - Owning Domain Controllers
  9. Cobalt Strike - Red Team Operations
  10. C2 - Master of Puppets
  11. Obfuscating C2s - Introducing Redirectors
  12. Achieving Persistence
  13. Data Exfiltration

Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.

À propos des auteurs

Himanshu Sharma has been in the field of security since 2009 and has been listed in the halls of fame of Apple, Google, Microsoft, Facebook, and many more. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts. He has been a speaker at various conferences worldwide such as BotConf, CONFidence, Hack In the Box, SINCON, Sec-T, Hackcon, and numerous others. Currently, he is the co-founder of BugsBounty. He also authored multiple bestsellers titled "Kali Linux - An Ethical Hacker's Cookbook", " Hands-On Red Team Tactics" and "Hands-On Web Pentesting with Metasploit."

Harpreet is a professional with 8+ years of experience in the field of Ethical Hacking, Penetration Testing, Vulnerability Research & Red Teaming. He is the author of "Hands-On: Web Penetration Testing with Metasploit" and "Hands-On: Red Team Tactics" published by Packt Publishing. He's also an OSCP, OSWP, CRTP certified professional. Over the years of his experience, Harpreet has acquired the Offensive & Defensive skill set. He is a professional who specializes in Wireless & network exploitation including but not limited to Mobile exploitation, Web Application exploitation and he has also performed few Red Team Engagements in Banks & Financial Groups.

Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.