Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Red Team Tactics

You're reading from   Hands-On Red Team Tactics A practical guide to mastering Red Team operations

Arrow left icon
Product type Paperback
Published in Sep 2018
Publisher
ISBN-13 9781788995238
Length 480 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Harpreet Singh Harpreet Singh
Author Profile Icon Harpreet Singh
Harpreet Singh
Himanshu Sharma Himanshu Sharma
Author Profile Icon Himanshu Sharma
Himanshu Sharma
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Red-Teaming and Pentesting FREE CHAPTER 2. Pentesting 2018 3. Foreplay - Metasploit Basics 4. Getting Started with Cobalt Strike 5. ./ReverseShell 6. Pivoting 7. Age of Empire - The Beginning 8. Age of Empire - Owning Domain Controllers 9. Cobalt Strike - Red Team Operations 10. C2 - Master of Puppets 11. Obfuscating C2s - Introducing Redirectors 12. Achieving Persistence 13. Data Exfiltration 14. Assessment 15. Other Books You May Enjoy

A different approach

Let's discuss a different approach: red-teaming. The main objective of red-teaming is to assess and obtain the real level of risk a company has at that moment in time. In this activity, networks, applications, physical, and people (social engineering) are tested against weaknesses.

Red-teaming can also be considered as a simulation of a real-world hack.

Methodology

Red-teaming is based on the PTES standard as the foundation. However, there's much more to it. It can be said that the penetration testing activity is performed with the aim of finding as many vulnerabilities in the given amount of time as possible. However, red-teaming is performed with only one goal and by staying discreet.

The methodology used in a red-team activity involves the following:

  • Reconnaissance
  • Compromise
  • Persistence
  • Command and control
  • Privilege escalation
  • Pivoting
  • Reporting and cleanup

The following cycle basically repeats for every new piece of information that is found about the client until the goal is met:

How is it different?

Let's look at it with a different perspective to get a clearer picture:

Looking at the preceding diagram, we can see that red-teaming involves using every means to achieve the goals. We can summarize the major difference between red-teaming and pentesting as follows:

  • Red-teaming involves finding and exploiting only those vulnerabilities that help to achieve our goal, whereas pentesting involves finding and exploiting vulnerabilities in the given scope, which is limited to digital assets
  • Red-teaming has an extremely flexible methodology, whereas pentesting has fixed static methods
  • During red-teaming, the security teams of the organizations have no information about it, whereas during pentesting, security teams are notified
  • Red-teaming attacks can happen 24/7, while pentesting activities are mostly limited to office hours
  • Red-teaming is more about measuring the business impact of the vulnerabilities, whereas pentesting is about finding and exploiting vulnerabilities.

You have been reading a chapter from
Hands-On Red Team Tactics
Published in: Sep 2018
Publisher:
ISBN-13: 9781788995238
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime