Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cybersecurity Attacks ‚Äì Red Team Strategies
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cybersecurity Attacks – Red Team Strategies

Cybersecurity Attacks – Red Team Strategies

By : Rehberger
4.8 (9)
close
close
Cybersecurity Attacks – Red Team Strategies

Cybersecurity Attacks – Red Team Strategies

4.8 (9)
By: Rehberger

Overview of this book

It's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security. The book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems. By the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.
Table of Contents (17 chapters)
close
close
1
Section 1: Embracing the Red
6
Section 2: Tactics and Techniques

Automating and remote controlling web browsers as an adversarial technique

Browsers are extremely powerful and offer the capability to store credentials, so you might be lucky just looking through a browser process memory to find cookies, passwords, or other information that could be relevant. We've already explored these scenarios, including how to steal saved passwords from Edge by accessing Windows Credential Manager.

What we will explore now is how to automate a browser so that we can remote control a session.

Based on an example we have been using in this book, let's consider Alice's workstation. Alice uses Windows and browses the web with a variety of browsers, include Edge and Chrome. Unfortunately, her workstation was compromised by Mallory via a phishing attack. Mallory is poised to search for credentials on the machine with similar tactics, but she wants to try something new.

Rather than exfiltrating cookies, why not use Alice's browser directly...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY