Over the course of this book, we've discussed a lot of topics covering the phases of penetration testing, from information gathering for exploitation to cover our tracks. To execute a successful penetration test without the target’s security team being aware, you must be stealthy like a hacker.
Apart from detecting and exploiting vulnerabilities during a penetration test, organizations also use this type of service to test their existing security controls and detection rate.
As mentioned in Chapter 2, Understanding the Phases of the Pentesting Process, the blue team is responsible for the monitoring, detection, and mitigation of any security threats within a parent organization. If the blue team should fail to detect the activities of a penetration tester, this would mean two things: the penetration tester was extremely stealthy and the...