Hands-On Red Team Tactics: Gather exploitation intelligence, identify risk, and expose vulnerabilities
Himanshu Sharma, Harpreet Singh
- 出版商: Packt Publishing
- 出版日期: 2018-09-28
- 售價: $1,300
- 貴賓價: 9.5 折 $1,235
- 語言: 英文
- 頁數: 480
- 裝訂: Paperback
- ISBN: 1788995236
- ISBN-13: 9781788995238
Your one stop guide to learn and implement red team tactics effectively.
- Learn to identify risks and test how secure your environment is
- Level up your skill set to operate in a complex enterprise environment
- A step-by-step guide to help you mitigate risks and prevent attackers from infiltrating an enterprise
Red teaming is used to enhance security by performing security tests to detect network and system vulnerabilities.
This book will start with an overview of pentesting and red teaming and then quickly deep dive into giving an introduction of a few of the old and latest pentesting tools, as well as covering Metasploit, patching up servers and introducing Armitage. Next, you will understand how to set up a team server of Cobalt Strike and how to create a connection over SSH via TOR. The next set of chapters will help you understand pivoting over SSH, and you will learn how to use Cobalt Strike to pivot. The next set of chapters will cover advanced methods of exploitation using Cobalt Strike, and introduce you to Command-and-control servers (C2) and Redirectors. The last set of chapters will deep dive into achieving persistence with Beacons, Data Exfiltration, followed by case studies to understand the process of successful exploitation during a Red Team activity.
By the end of the book, you will have a good understanding of the advanced penetration testing tools and techniques, techniques to get reverse shells over encrypted channel, post-exploitation techniques & frameworks like Empire, which include maintaining persistent access. staying untraceable and getting reverse connections over TOR, SSH etc.
What You Will Learn
- Master the uncommon yet effective methods in a red teaming activity
- Learn intermediate and advanced levels of exploitation techniques
- Get acquainted with all the tools and frameworks beyond the Metasploit framework
- Discover the art of getting stealthy access to system via red teaming
- Understand the concepts of redirectors for further anonymity
- Summarize the lessons learned with the help of case studies
Who This Book Is For
This book aims at IT professionals who want to venture the IT security domain. IT pentesters, security consultants, and ethical hackers will also find this book useful. Basic penetration testing skills and techniques are required to become a red teamer from a pen tester.