Understanding red teaming
Possibly the most commonly known team among users of Kali Linux, the red team is the name given to the collective of individuals responsible for handling the offensive side of security as it relates to OSINT, scanning, vulnerability assessments, and the penetration testing of resources, including but not limited to individuals, companies, host end users (desktops, laptops, mobiles), and network and critical infrastructure such as servers, routers, switches, firewalls, NAS, databases, WebApps, and portals. There are also systems such as IoT, Operational Technology (OT) devices, and Industrial Control Systems (ICS), which also require assessments by highly skilled red teamers.
Red teamers are generally thought of as highly skilled ethical hackers and penetration testers who, apart from having the skill sets to conduct the assessments listed previously, may also have the technical certifications that allow them to do so. Although certifications may not directly reflect the abilities of the individuals, they have been known to aid in obtaining jobs.
Some red teaming certifications include (but are not limited to):
- Offensive Security Certified Professional (OSCP): Developed by the creators of Kali Linux
- Certified Ethical Hacker (CEH): From the EC-Council
- Practical Network Penetration Tester (PNPT): Developed by TCM Security
- Pentest+: By CompTIA
- SANS SEC: Courses from the SANS Institute
- e-Learn Junior Penetration Tester (eJPT): Developed by e-Learn Security for beginners interested in becoming red teamers
Ultimately, all of this knowledge allows red teamers to conduct offensive attacks (with explicit permission) against companies to simulate internal and external threat actors and essentially hack systems and security mechanisms in the same manner in which malicious actors would compromise and exploit the attack surface of an individual, company, or valued asset.
Kali Linux generally contains all the tools required to perform almost all types of offensive security and red teaming assessments. On a personal note, Kali Linux is my go-to operating system of choice for penetration testing as most of the tools required for fingerprinting, reconnaissance, OSINT, vulnerability assessments, exploitation, and reporting are all readily available and preinstalled on the platform. I’ve been using Kali to conduct red team exercises for over 12 years and I don’t see that changing anytime soon, as they’ve always maintained the OS and support for tools over the years.
Let’s move on to blue teaming now.
