Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Purple Team Strategies

You're reading from Purple Team Strategies Enhancing global security posture through uniting red and blue teams with adversary emulation

Product type Paperback

Published in Jun 2022

Publisher Packt

ISBN-13 9781801074292

Length 450 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Penetration Testing

Authors (4):

David Routin

Samuel Rossier

Simon Thoores

Michael Molho

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Concept, Model, and Methodology

2. Chapter 1: Contextualizing Threats and Today's Challenges FREE CHAPTER

3. Chapter 2: Purple Teaming – a Generic Approach and a New Model

4. Chapter 3: Carrying out Adversary Emulation with CTI

5. Chapter 4: Threat Management – Detecting, Hunting, and Preventing

6. Part 2: Building a Purple Infrastructure

7. Chapter 5: Red Team Infrastructure

8. Chapter 6: Blue Team – Collect

9. Chapter 7: Blue Team – Detect

10. Chapter 8: Blue Team – Correlate

11. Chapter 9: Purple Team Infrastructure

12. Part 3: The Most Common Tactics, Techniques, and Procedures (TTPs) and Defenses

13. Chapter 10: Purple Teaming the ATT&CK Tactics

14. Part 4: Assessing and Improving

15. Chapter 11: Purple Teaming with BAS and Adversary Emulation

16. Chapter 12: PTX – Purple Teaming eXtended

17. Chapter 13: PTX – Automation and DevOps Approach

18. Chapter 14: Exercise Wrap-Up and KPIs

19. Other Books You May Enjoy

Credential access

Once an attacker gets remote access within an organization's network and has enough privileges on that machine, there are extremely few chances that it will stop there and try not to compromise other assets. Its objective is likely located in other assets. But to move laterally on other systems, it will often need to possess the relevant credentials. That is when the credential access tactic occurs.

Credential access is a key step within the kill chain and can be used many times, depending on the need of the cyber operations that are being conducted by the threat actor. Its goal is to retrieve credentials in the form of username and passwords, tokens, or password hashes.

In this section, we will look at one of the most famous sub-techniques that's leveraged by threat actors called T1003.001 – OS Credential dumping: LSASS memory. Another technique that will not be covered but that is also quite trendy among threat actors is the T1555 –...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

Molho

Molho

See other products by Molho

Routin

Routin

David Routin started, in his teens, to learn cybersecurity in the 90s, the passion is continued through various contributions or projects such as MITRE ATT&CK framework, SIGMA, vulnerability disclosures (Microsoft), public events speaking and multiple publications from French MISC magazine to this book. As a professional, he owned various positions from security engineer to CISO. For the last ten years as Security Operations Center Manager roles, he built and operated multiple SOC for MSSP or private companies. His areas of expertise are SOC, Blue & Purple teaming, incident response, forensic (SANS GCIH/GCFA), detection engineering, management and compliance (ISO27001 or PCI).

See other products by Routin

Rossier

Rossier

Samuel Rossier is currently SOC lead within a government entity where he focuses on detection engineering, incident response, automation, and cyber threat intelligence. He is also a teaching assistant at the SANS Institute. He was previously responsible for a private bank group CIRT, and also worked as an SOC manager within an MSSP. He also spent several years within a consulting cybersecurity practice. Samuel currently holds a master's degree in information systems and several information security certifications, including GRID, GMON, eCIR, eCTHP, eCRE, eNDP, and eJPT. He is also a contributor to the MITRE D3FEND and SIGMA frameworks and likes to speak at conferences and analyze malware. He values a strong emphasis on the people dimension of cybersecurity by sharing knowledge.

See other products by Rossier

Thoores

Thoores

Simon Thoores is a cybersecurity analyst specialized in Forensic and Incident Response. He started his career as a Security Analyst after obtaining an Engineering diploma in Information System architecture focus on security. He built his forensics and reverse engineering skills during large-scale incident responses from malware and ransomware attacks to more advanced attacks for a wide variety of environments, he finally certified these skills with GCFA. Then he moved to the Cyber Threat Intelligence field to better understand attacker methodologies to align and strengthen response and support for his clients. Lately he decided to put his skills and knowledges to emulate threat actors to help customer improve their security.

See other products by Thoores

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m