Key Features
Build, manage, realize and measure an offensive red team program
Leverage the Homefield Advantage to stay ahead of your adversaries
Understand core adversarial tactics and techniques with practical examples, as well as guidance for protecting pentesters and pentest assets
Book Description
An organization must be ready to detect and respond effectively to security events and breaches. Preventive measures alone are not enough in dealing with adversaries. A well-rounded prevention, detection and response program is required. This book aims to raise the bar by highlighting homefield advantage opportunities.
Embrace the Red: The first part of the book focuses on establishing, managing and measuring a red team program, as well as ideas for sharing results and demonstrating impact to raise awareness. Readers will learn about progressive operations like crypto currency mining, focused privacy testing, targeting telemetry and blue team tooling, and more.
The second part is dedicated to tactics, techniques, and security research. Rather than enumerating how to use typical pen test tools, the reader will learn foundational techniques to improve effectiveness. First, we cover knowledge graphs and how to build one. Next hunting for credentials will be covered from basics to advanced techniques. And readers will learn how to protect assets using decoys, auditing, and alerting with examples for major operating systems.
By the end of this book, readers will be proficient with the knowledge required to build and measure a red team program and learn about operational tactics and techniques to augment existing skills.
What you will learn
How to build, manage and measure an effective red team program
How to leverage Homefield Advantage to stay ahead of adversaries
How to communicate results and influence decision makers with novel ideas and data points
Map out the homefield using knowledge graphs
How to hunt for credentials using indexing and many other practical techniques
Learn how to protect the pen tester, locking down machines, creating alerts and notifications, and leverage decoys and deceptions
Gain insights into blue team tooling (osquery, ELK) to elevate your red teaming skills
Who This Book Is For
This book is meant for pen testers, cybersecurity analysts, security leaders & strategists, as well as red team members and CISO’s looking to make their organizations more secure from adversaries. To get the most out of the technical part of the book, some penetration testing experience, as well as some software engineering and debugging skills are necessary. The program management part is suited for beginners as well.
