Let's discuss a different approach: red-teaming. The main objective of red-teaming is to assess and obtain the real level of risk a company has at that moment in time. In this activity, networks, applications, physical, and people (social engineering) are tested against weaknesses.

Red-teaming can also be considered as a simulation of a real-world hack.

Red-teaming is based on the PTES standard as the foundation. However, there's much more to it. It can be said that the penetration testing activity is performed with the aim of finding as many vulnerabilities in the given amount of time as possible. However, red-teaming is performed with only one goal and by staying discreet.

The methodology used in a red-team activity involves the following:

• Reconnaissance
• Compromise
• Persistence
• Command and control
• Privilege escalation
• Pivoting
• Reporting and cleanup

The following cycle basically repeats for every new piece of information that is found about the client until the goal is met:

Let's look at it with a different perspective to get a clearer picture:

Looking at the preceding diagram, we can see that red-teaming involves using every means to achieve the goals. We can summarize the major difference between red-teaming and pentesting as follows:

• Red-teaming involves finding and exploiting only those vulnerabilities that help to achieve our goal, whereas pentesting involves finding and exploiting vulnerabilities in the given scope, which is limited to digital assets
• Red-teaming has an extremely flexible methodology, whereas pentesting has fixed static methods
• During red-teaming, the security teams of the organizations have no information about it, whereas during pentesting, security teams are notified
• Red-teaming attacks can happen 24/7, while pentesting activities are mostly limited to office hours
• Red-teaming is more about measuring the business impact of the vulnerabilities, whereas pentesting is about finding and exploiting vulnerabilities.