Preface
This book provides some theories and tools to prepare readers for the fast-paced and subversive world of cyber conflict. This book is designed to give competitors in various infosec attack and defense competitions a serious advantage, through providing theory, scripts, and techniques that will put the opponent on the backfoot. These same strategies can easily be applied to a real-world cyber incident, giving incident responders new tricks to deceive and best attackers. This book draws from years of competition experience, many well-accepted industry concepts, and existing open source tools rather than reinventing the wheel each chapter. The goal of Adversarial Tradecraft in Cybersecurity is to dive deep into both deceptive attacker techniques and detections. This text starts with a chapter on theory to help prepare readers for the following chapters, followed by a chapter focused on setting up supporting infrastructure. After that, the book works through various escalating techniques that may be leveraged by either side in a cyber conflict. Chapters 3 through 8 cover tactics, techniques, and tools that both sides can leverage to get the advantage in a conflict. Chapter 8 specifically goes into how to resolve a conflict and remediate an intrusion such that the attacker doesn't maintain access. A synopsis of each chapter can be found below, covering some of the high-level topics included in the book.
