معرفی کتاب Hands-On Red Team Tactics
با سلام خدمت همراهان همیشگی فرکیان تک. با شما هستیم با کتاب Hands-On Red Team. این کتاب بر مفاهیم تکنیک های امنیتی تمرکز کرده است.
معرفي کتاب :
کتاب Red Teaming براي افزايش امنيت با انجام حملات شبيه سازي شده بر روي يک سازمان به منظور شناسايي آسيب پذيري هاي شبکه و سيستم استفاده مي شود . این کتاب با مروري بر pentesting و Red Teaming شروع ميشود و نحوه استفاده از Cobalt Strike ، راه اندازي سرور ، تکنیک های چرخش بر روی SSH ، آشنایی با سرور ها و ريدايرکتورهاي Command and Control (C2) را آموزش می دهد . در پايان اين کتاب، با ابزارهاي پيشرفته تست نفوذ ، تکنيکهاي دريافت پوستههاي معکوس بر روي کانالهاي رمزگذاريشده و فرآيندهاي پس از بهرهبرداري آشنا خواهيد شد .
فهرست مطالب :
1: The red team and the pantheon
2: Pentesting 2018
3: Foreplay – Metasploit Basics
4: شروع کار با Cobalt Strike
5: ReverseShell
6: Rotation
7: Master of Puppets
8: مخفی کردن C2s – معرفي Redirectors
9: دستيابي به پايداري
10: استخراج داده ها
آنچه خواهيد آموخت :
آشنایی با تمامي ابزارها و FrameworKهاي موجود در Metasplot
دسترسي مخفيانه به سيستم ها از طريق Red Teaming
مفهوم Redirectors
درک تکنيک هاي مختلف غير معمول براي استخراج داده ها
برای مشاهده تمامی کتاب های زبان اصلی بر روی لینک کلیک کنید .
با ما همراه باشید.
Book Description
Red Teaming is used to enhance security by performing simulated attacks on an organization in order to detect network and system vulnerabilities. Hands-On Red Team Tactics starts with an overview of pentesting and Red Teaming, before giving you an introduction to few of the latest pentesting tools. We will then move on to exploring Metasploit and getting to grips with Armitage. Once you have studied the fundamentals, you will learn how to use Cobalt Strike and how to set up its team server.
The book introduces some common lesser known techniques for pivoting and how to pivot over SSH, before using Cobalt Strike to pivot. This comprehensive guide demonstrates advanced methods of post-exploitation using Cobalt Strike and introduces you to Command and Control (C2) servers and redirectors. All this will help you achieve persistence using beacons and data exfiltration, and will also give you the chance to run through the methodology to use Red Team activity tools such as Empire during a Red Team activity on Active Directory and Domain Controller.
In addition to this, you will explore maintaining persistent access, staying untraceable, and getting reverse connections over different C2 covert channels.
By the end of this book, you will have learned about advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation.
Table of Contents
1: Red-Teaming and Pentesting
2: Pentesting 2018
3: Foreplay – Metasploit Basics
4: Getting Started with Cobalt Strike
5: ./ReverseShell
6: Pivoting
7: Age of Empire – The Beginning
8: Age of Empire – Owning Domain Controllers
9: Cobalt Strike – Red Team Operations
10: C2 – Master of Puppets
11: Obfuscating C2s – Introducing Redirectors
12: Achieving Persistence
13: Data Exfiltration
What You Will Learn
Get started with red team engagements using lesser-known methods
Explore intermediate and advanced levels of post-exploitation techniques
Get acquainted with all the tools and frameworks included in the Metasploit framework
Discover the art of getting stealthy access to systems via Red Teaming
Understand the concept of redirectors to add further anonymity to your C2
Get to grips with different uncommon techniques for data exfiltration