You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Chapter 10: Protecting the Pen Tester

Pen testers must be concerned about the security of their own machines, especially those machines that contain sensitive client information, passwords, reports, and things along those lines. Pen testers are a prime target for adversaries. I know multiple pen testers that have been targeted and compromised by real-world adversaries, and that is not fun.

Hence, be aware of the importance of protecting pen test assets. Depending on what you are working on, the stakes could be high.

This and the following chapters will highlight a few custom and off-the-shelf tools and techniques that you can employ to gain better insights and protection, or at least hopefully steer some discussions to implement improvements. In this chapter, we will look at the importance of locking down and securing pen test assets. We will then improve the documentation by customizing shells to ensure that screenshots and screen recordings contain additional information by...