
What is Red Team?

A red team is a group of professionals who emulate hackers' methodologies, conduct a security assessment for an organization and provide it with security feedback. They are also known as ethical hackers. Their methodology is not limited to penetration testing; it also includes techniques like social engineering, privilege escalation and more.

Cyber Kill Chain


It is a series of steps that a hacker performs to launch a successful attack. The methods and some of the tools, along with their uses, are mentioned below:

Reconnaissance:- There are various techniques for discovery without active involvement, such as using whois information, using the Wayback Machine, dorking, social media accounts, harvesting email addresses, gathering information from breaches, and using search engines like Shodan to gather more information.

This step also includes active involvement, such as determining the network range and enumerating Active Directory information and the services running on the system.

Weaponization:- A hacker only needs one attack vector to be successful. Therefore, security is only as strong as its weakest point, and it's up to you to discover where those potential attack vectors are.

Delivery:- After gaining access, a hacker needs to deliver the payload into the right environment to exploit further and establish a persistent connection with the victim.

Exploitation:- The exploitation of a system begins, depending on the type of attack. As mentioned before, some attacks are delayed and others are dependent on a specific action taken by the target, known as a logic bomb.

Installation:- This includes a backdoor or remote access that gives the attacker's machine a way into the system.

Command and Control:- An attacker will take control of systems and execute whatever attack they have in store for you.

Lateral Movement:- Attackers will move from system to system, in a lateral movement, to gain more access and find more assets.

Privilege Escalation:- It is the method of exploiting a bug to gain higher access to a resource.
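
From the defender's side, the phases listed above can be used to triage alerts. The following is an added example, not code from the original page: it tags constructed sample alerts with those phases and reports, per host, the furthest phase observed and the earlier phases that produced no alert. The alert category names, the category-to-phase mapping and the host names are assumptions made for illustration.

```python
from collections import defaultdict

# Phases in the order this page lists them.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Lateral Movement",
          "Privilege Escalation"]

# Assumption: weaponization happens on the attacker's side, so the
# defender's telemetry never shows it and it is not counted as a gap.
NOT_OBSERVABLE = {"Weaponization"}

# Assumption: hypothetical alert categories and the phase each one indicates.
CATEGORY_TO_PHASE = {
    "port_scan": "Reconnaissance",
    "phishing_attachment": "Delivery",
    "exploit_signature": "Exploitation",
    "new_service_installed": "Installation",
    "beaconing": "Command and Control",
    "remote_admin_logon": "Lateral Movement",
    "admin_group_change": "Privilege Escalation",
}

# Constructed sample alerts: (timestamp, host, category).
ALERTS = [
    ("2024-01-01T09:00", "ws-01", "phishing_attachment"),
    ("2024-01-01T09:05", "ws-01", "beaconing"),
    ("2024-01-01T10:00", "srv-02", "remote_admin_logon"),
    ("2024-01-01T10:10", "srv-02", "admin_group_change"),
    ("2024-01-01T11:00", "ws-03", "port_scan"),
    ("2024-01-01T11:30", "ws-03", "disk_full"),  # unmapped category, ignored
]

def summarize(alerts):
    """Per host: furthest phase alerted on, and earlier phases with no alert."""
    seen = defaultdict(set)
    for _, host, category in alerts:
        phase = CATEGORY_TO_PHASE.get(category)
        if phase is not None:
            seen[host].add(PHASES.index(phase))
    report = {}
    for host, idxs in seen.items():
        furthest = max(idxs)
        gaps = [PHASES[i] for i in range(furthest)
                if i not in idxs and PHASES[i] not in NOT_OBSERVABLE]
        report[host] = {"furthest": PHASES[furthest], "gaps": gaps}
    return report

if __name__ == "__main__":
    for host, info in sorted(summarize(ALERTS).items()):
        print(host, info["furthest"], "| no alert for:", info["gaps"] or "none")
```

A non-empty gaps list marks phases a host may have passed through without raising an alert, which is where to check for missing telemetry.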

Reference links for Tools:-

https://github.com/jivoi/awesome-osint

https://github.com/infosecn1nja/Red-Teaming-Toolkit

https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
