You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Automating and remote controlling web browsers as an adversarial technique

Browsers are extremely powerful and offer the capability to store credentials, so you might be lucky just looking through a browser process memory to find cookies, passwords, or other information that could be relevant. We've already explored these scenarios, including how to steal saved passwords from Edge by accessing Windows Credential Manager.

What we will explore now is how to automate a browser so that we can remote control a session.

Based on an example we have been using in this book, let's consider Alice's workstation. Alice uses Windows and browses the web with a variety of browsers, include Edge and Chrome. Unfortunately, her workstation was compromised by Mallory via a phishing attack. Mallory is poised to search for credentials on the machine with similar tactics, but she wants to try something new.

Rather than exfiltrating cookies, why not use Alice's browser directly...