Hands-on red team tactics : a practical guide to mastering red team operations /: a practical guide to mastering red team operations. (2018)
- Record Type:
- Book
- Title:
- Hands-on red team tactics : a practical guide to mastering red team operations /: a practical guide to mastering red team operations. (2018)
- Main Title:
- Hands-on red team tactics : a practical guide to mastering red team operations
- Other Titles:
- Red team tactics
- Further Information:
- Note: Himanshu Sharma, Harpreet Singh.
- Authors:
- Sharma, Himanshu
Singh, Harpreet - Contents:
- Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Red-Teaming and Pentesting; Pentesting 101; OWASP; Open Source Security Testing Methodology Manual (OSSTMM); Information Systems Security Assessment Framework (ISSAF); Penetration Testing Execution Standard (PTES); Pre-engagement interactions; Intelligence gathering; Threat modeling; Vulnerability analysis; Exploitation; Post-exploitation; Reporting; A different approach; Methodology; How is it different?; Summary; Questions; Further reading; Chapter 2: Pentesting 2018. Technical requirementsMSFvenom Payload Creator; Resource file; Koadic; Installation; Why use MSHTA as the dropper payload?; Terminology; Stager establishment; Payload execution; Running Implants; Pivoting; Summary; Questions; Further reading; Chapter 3: Foreplay -- Metasploit Basics; Technical requirements; Installing Metasploit; Running Metasploit; Auxiliaries; Exploits; Payloads; Encoders; Meterpreter; Armitage and team server; Metasploit with slack; Armitage and Cortana scripts; Summary; Questions; Further reading; Chapter 4: Getting Started with Cobalt Strike; Technical requirements. Planning a red-team exerciseCyber kill chain (CKC); Reconnaissance; Weaponization; Delivery; Exploitation; Installation; Command and Control Server; Actions; Objective and goal; Rules of Engagement (RoE); Scenario/strategy; Deliverables; Introduction to Cobalt Strike; What is a team server?; Cobalt Strike setup; CobaltCover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Red-Teaming and Pentesting; Pentesting 101; OWASP; Open Source Security Testing Methodology Manual (OSSTMM); Information Systems Security Assessment Framework (ISSAF); Penetration Testing Execution Standard (PTES); Pre-engagement interactions; Intelligence gathering; Threat modeling; Vulnerability analysis; Exploitation; Post-exploitation; Reporting; A different approach; Methodology; How is it different?; Summary; Questions; Further reading; Chapter 2: Pentesting 2018. Technical requirementsMSFvenom Payload Creator; Resource file; Koadic; Installation; Why use MSHTA as the dropper payload?; Terminology; Stager establishment; Payload execution; Running Implants; Pivoting; Summary; Questions; Further reading; Chapter 3: Foreplay -- Metasploit Basics; Technical requirements; Installing Metasploit; Running Metasploit; Auxiliaries; Exploits; Payloads; Encoders; Meterpreter; Armitage and team server; Metasploit with slack; Armitage and Cortana scripts; Summary; Questions; Further reading; Chapter 4: Getting Started with Cobalt Strike; Technical requirements. Planning a red-team exerciseCyber kill chain (CKC); Reconnaissance; Weaponization; Delivery; Exploitation; Installation; Command and Control Server; Actions; Objective and goal; Rules of Engagement (RoE); Scenario/strategy; Deliverables; Introduction to Cobalt Strike; What is a team server?; Cobalt Strike setup; Cobalt Strike interface; Toolbar; Connecting to another team server; Disconnecting from the team server; Configure listeners; Session graphs; Session table; Targets list; Credentials; Downloaded files; Keystrokes; Screenshots; Payload generation -- stageless Windows executable. Payload generation -- Java signed appletPayload generation -- MS Office macros; Scripted web delivery; File hosting; Managing the web server; Server switchbar; Customizing the team server; Summary; Questions; Further reading; Chapter 5: ./ReverseShell; Technical requirement; Introduction to reverse connections; Unencrypted reverse connections using netcat; Encrypted reverse connections using OpenSSL; Introduction to reverse shell connections; Unencrypted reverse shell using netcat; Encrypted reverse shell for *nix with OpenSSL packages installed; Encrypted reverse shell using ncat. Encrypted reverse shell using socatEncrypted reverse shell using cryptcat; Reverse shell using powercat; reverse_tcp; reverse_tcp_rc4; reverse_https; reverse_https with a custom SSL certificate; Meterpreter over ngrok; Reverse shell cheat sheet; Bash reverse shell; Zsh reverse shell; TCLsh/wish reverse shell; Ksh reverse shell; Netcat reverse shell; Telnet reverse shell; (G)awk reverse shell; R reverse shell; Python reverse shell; Perl reverse shell; Ruby reverse shell; Php reverse shell; Lua reverse shell; Nodejs reverse shell; Powershell reverse shell; Socat reverse shell over TCP. … (more)
- Publisher Details:
- Birmingham : Packt Publishing Ltd
- Publication Date:
- 2018
- Extent:
- 1 online resource (469 pages)
- Subjects:
- 005.8
Computer security
Computer networks -- Security measures
Computer networks -- Security measures
Computer security
Electronic books - Languages:
- English
- ISBNs:
- 9781788997003
- Related ISBNs:
- 178899700X
- Notes:
- Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.334861
- Ingest File:
- 02_335.xml