You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Section 2: Tactics and Techniques

The second part of this book is dedicated to tools and techniques, including practical scripts and code, that turned out to be useful throughout pen testing engagements across the Windows, Linux, and Mac infrastructures. Many of the tools and ideas are based on the research of other people in the industry and credit and links are provided whenever possible. Many concepts and ideas are decades old and I'm certain that some references are missing.

Hopefully, this will be a useful and practical compilation of tactics and techniques to look out for during penetration testing that you can use to highlight opportunities for collaboration with your blue team so that you can work together better as a team. We will start by looking at how to map out the homefield by using graph databases, dive into the concept of hunting for credentials, and how to automate tasks, how to leverage relay phishing proxies, and how to leverage browsers post-exploitation...