The community
We have a big community out there on GitHub, which is creating a lot of PowerShell automation modules, but also many pentesting frameworks. In this context, we very often use the terms red team and blue team. Red teams consist of attackers who try to find and make use of weaknesses in the environment. There is, though, a small difference between pentesters and red teams: pentesters try to find as many vulnerabilities as possible in a specified time frame. To accomplish this, they use automated tools to retrieve information and find vulnerabilities. As these attacks are very often carried out by external partners, they also have no problem with alerting the blue teams, as long as this does not hinder them in finding further vulnerabilities. Red teams, in comparison, emulate real-world adversaries and are focused solely on reaching their goal, which in most cases lies in capturing domain admin rights.
They may use custom malware and tools and always...