Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cybersecurity Attacks ‚Äì Red Team Strategies
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cybersecurity Attacks – Red Team Strategies

Cybersecurity Attacks – Red Team Strategies

By : Rehberger
4.8 (9)
close
close
Cybersecurity Attacks – Red Team Strategies

Cybersecurity Attacks – Red Team Strategies

4.8 (9)
By: Rehberger

Overview of this book

It's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security. The book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems. By the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.
Table of Contents (17 chapters)
close
close
1
Section 1: Embracing the Red
6
Section 2: Tactics and Techniques

Summary

In this chapter, we focused on Windows and COM automation. COM can be used to automate Windows applications such as Word, Excel, and Outlook. Adversaries can leverage these technologies during post-exploitation. We explored automation techniques to send emails, encrypt content, and/or exfiltrate data via COM. In particular, we looked at automating Microsoft Outlook, Word, and Excel.

Furthermore, we highlighted how COM automation can be leveraged to search through Office documents at scale to identify secrets or other interesting content.

Later, we explored browsers and how an adversary can leverage web browser automation techniques to remote control web browsers to exfiltrated data or spy on users. For the browser scenarios, we looked at native COM automation for Internet Explorer and then the remote debugging feature of Chrome.

Furthermore, we configured Chrome and Selenium WebDrivers to automate various browsers.

In the next chapter, we will explore how to...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY