Hands-On Red Team Tactics

A practical guide to mastering Red Team operations
 
 
Packt Publishing
  • 1st edition
  • published on 28 September 2018
  • 480 pages
 
E-book | PDF with Adobe DRM | System requirements
978-1-78899-700-3 (ISBN)
 
Your one-stop guide to learning and implementing Red Team tactics effectively

Key Features
  • Target a complex enterprise environment in a Red Team activity
  • Detect threats and respond to them with a real-world cyber-attack simulation
  • Explore advanced penetration testing tools and techniques

Book Description
Red Teaming is used to enhance security by performing simulated attacks on an organization in order to detect network and system vulnerabilities. Hands-On Red Team Tactics starts with an overview of pentesting and Red Teaming, before giving you an introduction to a few of the latest pentesting tools. We will then move on to exploring Metasploit and getting to grips with Armitage. Once you have studied the fundamentals, you will learn how to use Cobalt Strike and how to set up its team server.

The book introduces some common lesser-known techniques for pivoting and how to pivot over SSH, before using Cobalt Strike to pivot. This comprehensive guide demonstrates advanced methods of post-exploitation using Cobalt Strike and introduces you to Command and Control (C2) servers and redirectors. All this will help you achieve persistence using beacons and data exfiltration, and will also give you the chance to run through the methodology to use Red Team activity tools such as Empire during a Red Team activity on Active Directory and Domain Controller.

In addition to this, you will explore maintaining persistent access, staying untraceable, and getting reverse connections over different C2 covert channels.

By the end of this book, you will have learned about advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation.

What you will learn
  • Get started with red team engagements using lesser-known methods
  • Explore intermediate and advanced levels of post-exploitation techniques
  • Get acquainted with all the tools and frameworks included in the Metasploit framework
  • Discover the art of getting stealthy access to systems via Red Teaming
  • Understand the concept of redirectors to add further anonymity to your C2
  • Get to grips with different uncommon techniques for data exfiltration

Who this book is for
Hands-On Red Team Tactics is for you if you are an IT professional, pentester, security consultant, or ethical hacker interested in the IT security domain and want to go beyond Penetration Testing. Prior knowledge of penetration testing is beneficial.
  • English
  • Birmingham
  • United Kingdom
  • For professional and research use
978-1-78899-700-3 (9781788997003)
Himanshu Sharma has already achieved fame for finding security loopholes and vulnerabilities in Apple, Google, Microsoft, Facebook, Adobe, Uber, AT&T, Avira, and many more with hall of fame listings. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts, and also assisted an international singer in recovering his hacked accounts. He was a speaker at the international conferences Botconf '13, CONFidence 2018 and RSA Singapore 2018. He also spoke at an IEEE conference as well as for TEDx. Currently, he is the cofounder of BugsBounty, a crowd-sourced security platform.

Harpreet Singh has more than 5 years of experience in the field of Ethical Hacking, Penetration Testing, and Red Teaming. In addition, he has performed red team engagements in multi-national banks and companies. Harpreet is an Offensive Security Certified Professional (OSCP) and Offensive Security Wireless Professional (OSWP). He has trained 1500+ students, including government officials, in international projects.
  • Cover
  • Title Page
  • Copyright and Credits
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Red-Teaming and Pentesting
  • Pentesting 101
  • OWASP
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Information Systems Security Assessment Framework (ISSAF)
  • Penetration Testing Execution Standard (PTES)
  • Pre-engagement interactions
  • Intelligence gathering
  • Threat modeling
  • Vulnerability analysis
  • Exploitation
  • Post-exploitation
  • Reporting
  • A different approach
  • Methodology
  • How is it different?
  • Summary
  • Questions
  • Further reading
  • Chapter 2: Pentesting 2018
  • Technical requirements
  • MSFvenom Payload Creator
  • Resource file
  • Koadic
  • Installation
  • Why use MSHTA as the dropper payload?
  • Terminology
  • Stager establishment
  • Payload execution
  • Running Implants
  • Pivoting
  • Summary
  • Questions
  • Further reading
  • Chapter 3: Foreplay - Metasploit Basics
  • Technical requirements
  • Installing Metasploit
  • Running Metasploit
  • Auxiliaries
  • Exploits
  • Payloads
  • Encoders
  • Meterpreter
  • Armitage and team server
  • Metasploit with slack
  • Armitage and Cortana scripts
  • Summary
  • Questions
  • Further reading
  • Chapter 4: Getting Started with Cobalt Strike
  • Technical requirements
  • Planning a red-team exercise
  • Cyber kill chain (CKC)
  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and Control Server
  • Actions
  • Objective and goal
  • Rules of Engagement (RoE)
  • Scenario/strategy
  • Deliverables
  • Introduction to Cobalt Strike
  • What is a team server?
  • Cobalt Strike setup
  • Cobalt Strike interface
  • Toolbar
  • Connecting to another team server
  • Disconnecting from the team server
  • Configure listeners
  • Session graphs
  • Session table
  • Targets list
  • Credentials
  • Downloaded files
  • Keystrokes
  • Screenshots
  • Payload generation - stageless Windows executable
  • Payload generation - Java signed applet
  • Payload generation - MS Office macros
  • Scripted web delivery
  • File hosting
  • Managing the web server
  • Server switchbar
  • Customizing the team server
  • Summary
  • Questions
  • Further reading
  • Chapter 5: ./ReverseShell
  • Technical requirement
  • Introduction to reverse connections
  • Unencrypted reverse connections using netcat
  • Encrypted reverse connections using OpenSSL
  • Introduction to reverse shell connections
  • Unencrypted reverse shell using netcat
  • Encrypted reverse shell for *nix with OpenSSL packages installed
  • Encrypted reverse shell using ncat
  • Encrypted reverse shell using socat
  • Encrypted reverse shell using cryptcat
  • Reverse shell using powercat
  • reverse_tcp
  • reverse_tcp_rc4
  • reverse_https
  • reverse_https with a custom SSL certificate
  • Meterpreter over ngrok
  • Reverse shell cheat sheet
  • Bash reverse shell
  • Zsh reverse shell
  • TCLsh/wish reverse shell
  • Ksh reverse shell
  • Netcat reverse shell
  • Telnet reverse shell
  • (G)awk reverse shell
  • R reverse shell
  • Python reverse shell
  • Perl reverse shell
  • Ruby reverse shell
  • Php reverse shell
  • Lua reverse shell
  • Nodejs reverse shell
  • Powershell reverse shell
  • Socat reverse shell over TCP
  • Socat reverse shell over UDP
  • Socat reverse shell over SSL (cert.pem is the custom certificate)
  • Summary
  • Questions
  • Further reading
  • Chapter 6: Pivoting
  • Technical requirements
  • Pivoting via SSH
  • Meterpreter port forwarding
  • Pivoting via Armitage
  • Multi-level pivoting
  • Summary
  • Further reading
  • Chapter 7: Age of Empire - The Beginning
  • Technical requirements
  • Introduction to Empire
  • Empire setup and installation
  • Empire fundamentals
  • Phase 1 - Listener Initiation
  • Phase 2 - Stager Creation
  • Phase 3 - Stager Execution
  • Phase 4 - Acquiring Agent
  • Phase 5 - Post Module Operations
  • Empire post exploitation for Windows
  • Empire post exploitation for Linux
  • Empire post exploitation for OSX
  • Popping up a Meterpreter session using Empire
  • Slack notification for Empire agents
  • Summary
  • Questions
  • Further reading
  • Chapter 8: Age of Empire - Owning Domain Controllers
  • Getting into a Domain Controller using Empire
  • Automating Active Directory exploitation using the DeathStar
  • Empire GUI
  • Summary
  • Questions
  • Further reading
  • Chapter 9: Cobalt Strike - Red Team Operations
  • Technical requirements
  • Cobalt Strike listeners
  • Foreign-based listeners
  • Cobalt Strike payloads
  • Beacons
  • The beacon menu
  • Explore menu
  • Beacon console
  • Pivoting through Cobalt Strike
  • Aggressor Scripts
  • Summary
  • Questions
  • Further reading
  • Chapter 10: C2 - Master of Puppets
  • Technical requirements
  • Introduction to C2
  • Cloud-based file sharing using C2
  • Using Dropbox as the C2
  • Using OneDrive as the C2
  • C2 covert channels
  • TCP
  • UDP
  • HTTP(S)
  • DNS
  • ICMP
  • Summary
  • Questions
  • Further reading
  • Chapter 11: Obfuscating C2s - Introducing Redirectors
  • Technical requirements
  • Introduction to redirectors
  • Obfuscating C2 securely
  • Short-term and long-term redirectors
  • Redirection methods
  • Dumb pipe redirection
  • Filtration/smart redirection
  • Domain fronting
  • Summary
  • Questions
  • Further reading
  • Chapter 12: Achieving Persistence
  • Technical requirements
  • Persistence via Armitage
  • Persistence via Empire
  • Persistence via Cobalt Strike
  • Summary
  • Further reading
  • Chapter 13: Data Exfiltration
  • Technical requirements
  • Exfiltration basics
  • Exfiltration via Netcat
  • Exfiltration via OpenSSL
  • Exfiltration with PowerShell
  • CloakifyFactory
  • Running CloakifyFactory on Windows
  • Data exfiltration via DNS
  • Data exfiltration via Empire
  • Summary
  • Questions
  • Further reading
  • Assessment
  • Other Books You May Enjoy
  • Index

File format: PDF
Copy protection: Adobe DRM (Digital Rights Management)

System requirements:

Computer (Windows; MacOS X; Linux): Install the free Adobe Digital Editions software before downloading (see E-book help).

Tablet/smartphone (Android; iOS): Install the free Adobe Digital Editions app before downloading (see E-book help).

E-book readers: Bookeen, Kobo, Pocketbook, Sony, Tolino and many others (not Kindle)

The PDF file format always displays a book page identically on any hardware. A PDF is therefore also suitable for a complex layout such as that used in textbooks and reference books (images, tables, columns, footnotes). On the small displays of e-readers or smartphones, PDFs are unfortunately rather annoying because too much scrolling is required. Adobe DRM is a "hard" form of copy protection. If the necessary requirements are not met, you will unfortunately not be able to open the e-book. You must therefore prepare your reading hardware before downloading.

Please note when using the Adobe Digital Editions reading software: we strongly recommend that you authorize it with your personal Adobe ID after installation!

Further information can be found in our E-book help.


Download (available immediately)

44.59 €
incl. 7% VAT
Download / single license
PDF with Adobe DRM