You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Understanding attack and knowledge graphs

In previous chapters, we talked about attack graphs and learned how to use them to model and understand the path an adversary takes to achieve a mission objective. Take, for instance, the Bloodhound toolset (https://github.com/BloodHoundAD), which can be leveraged to scan and map out a Windows infrastructure.

But why stop there?

Why not gather more metadata in a graph database besides Active Directory information? Why not turn it into an entire knowledge graph for your organization? The graph can cloud assets such as GCP, AWS, Azure, Facebook, and Twitter, as well as vulnerability information (for instance, data from the Common Vulnerabilities and Exposure database), and so forth.

To build knowledge graphs, we can use free and commercial tools and graph systems, such as Neo4j or OrientDB. And, of course, there's the entire Apache TinkerPop ecosystem, which you should research and consider when building an enterprise knowledge...