So, you want to be a red teamer?
• CTO @
• 10 years @ Citi
– Vulnerability Assessment
– Penetration Testing
– Red Team
– Purple Team
• Certified SANS Instructor
– Author, SEC564: Red Team Exercises and Adversary Emulation
– SEC560: Network Penetration Testing
– SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
● Senior Red Teamer @ NVISO
● Founder of redteamer.tips
● Big believer in open sourcing tools
● Instructor candidate for SEC699
https://redteamer.tips/so-you-want-to-be-a-pentester-and-or-red-teamer/
Going back in time...
erhmm… that’s too far back
• Basic definitions
• People - YOU! This is our focus today!
• Process
• Technology
• SANS Promise
• A hacker is a skilled individual who uses their technical knowledge to overcome a problem
• A criminal is one who engages in illegal activities
• Definition: Automated (tool-based) scanning against assets (IPs or applications).
• Goal: Identify low-hanging, known vulnerabilities pre- or post-authentication.
• Effort: Small; requires tool investment
– Many vendors: Tenable Nessus, Rapid7 Nexpose, Qualys, AlienVault, IBM AppScan, HP WebInspect, etc.
• Focus: Technology vulnerabilities, patches, configuration
• Frequency: Weekly to monthly
• Customer: System owners and operations teams
• Definition: Automated and manual assessment of assets in scope to find security vulnerabilities, which may or may not be used to get in or steal data.
• Goal: Identify ALL vulnerabilities in assets in scope.
• Effort: ~30% tool-based and ~70% manual testing
• Focus: Assessments are broader and often include explicit policy and procedure reviews.
• Frequency: Once per year or once per certification of product/version
• Customer: System owners, operations, engineers, application stakeholders
• Definition: Finding and exploiting vulnerabilities in technology
• Goal: Report all exploitable vulnerabilities under controlled circumstances.
• Effort: ~10% tool-based and ~90% manual testing
• Frequency: ~once per year
• Customer: System owners, operations, engineering, and application stakeholders
• Definition: Red Team emulates the Tactics, Techniques, and Procedures (TTPs) of real adversaries to improve the people, processes, and technology in the target environment.
• Goal: Make the Blue Team better. Train blue teams and measure whether their detection and response policies, procedures, and technologies are effective.
• Effort: Manual; some Red Team automation tools
• Frequency: Intelligence-led (new exploit, tool, or TTP)
• Customer: Blue Teams
“The practice of looking at a problem or situation from the perspective of an adversary” – Red Team Journal, 1997
• Created based on various organizations’ experiences
• Not a step-by-step guide, but should serve as a baseline for improvement and maturity
• You can skip steps based on business requirements and goals
• Every organization is different
• Continuous improvement should not halt previous assessment types
• Much like organizations, this roadmap also holds true for your infosec career.
• You don’t become a red teamer “overnight”
• Red teaming takes vast knowledge in order to be successful, ranging from networking to operating system internals
• Purple teaming requires you to have a balanced skill set in both offence and defense (that takes time).
● One of the great aspects of life is that no two people are the same.
● You can follow advice, but stay true to yourself and take your own path
● Do it because it’s your passion, not for the $$$
● Enjoy the journey, as it’s a never-ending one
● Don’t rush into things, take your time to learn
● Dare to ask! You are never alone in this community
○ Don’t ask us to do your homework though... :)
● Probably the most asked question I get in my DMs
● Start with a solid use case, and go for it!
● Stack Overflow/Google/…
● Learn from toolsmiths such as byt3bl33d3r, RastaMouse, XPN, ...
• SANS of course
– SEC564: Red Team Exercises and Adversary Emulation
– SEC565: Red Team Operations (coming soon)
– SEC599 and SEC699: Purple Teaming and Advanced PT
• Zero Point Security
• PenTesterAcademy
• BC-Security
• FortyNorth
• Many more
Short answer: No, but…
● It helps pass HR gates in certain companies
● It shows you are capable of solving challenges
● They are a reward for your hard work and dedication
• Cyber Kill Chain® – Lockheed Martin
• Unified Cyber Kill Chain – Paul Pols
• MITRE ATT&CK
• Purple Team Exercise Framework (PTEF)
• Tactics, Techniques, and Procedures (TTPs) are adversary behaviors
• Tactics – 14 high level adversary goals
• Techniques – how the adversary achieves their goals
– Sub-Techniques
• Procedures – how to perform each technique
• Coming from VA or PenTest you are familiar with CVE
– Common Vulnerabilities and Exposures: http://cve.mitre.org/
– Finding vulnerabilities in technology is fun!
– Bug bounties pay!
• Red Teamers may still find vulnerabilities and perform exploitation, but much less than a penetration tester
• Exploitation is just a means to an end
• Command and Control (C2) frameworks are the most common
• C2 Matrix
– Google doc of most C2 frameworks
– Documents various capabilities of each framework
– There is no right or wrong, better or worse
– Find ideal C2 for your current objective
– Wizard like UI to select which one
– www.thec2matrix.com
– howto.thec2matrix.com
• Download the free SANS Slingshot C2 Matrix Edition virtual machine
– https://howto.thec2matrix.com/slingshot-c2-matrix-edition
• Run the virtual machine in VMware (the free version is fine)
• Follow the how-to guide to set up your first Command and Control server
• Create a payload
• Execute it on a target system (one that you have permission to test)
• Emulate various adversary behaviors
• 564.1: Introduction and Planning of Red Team Exercises
– Consume Cyber Threat Intelligence
– Prepare for a Red Team engagement
– Set up attack infrastructure
• 564.2: Red Team Exercise Execution and Closure
– Gain initial access
– Emulate adversary behaviors aligned to ATT&CK
– Provide value
• Everything you do in offensive operations should bring business value
• Focus on the original goals and objectives
• Getting in and meeting the adversary objectives is great!
• But report it with the same care and diligence you did the test
• Put yourself in the perspective of the audience
• Work together, collaborate, improve, repeat
Any questions?

[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 

Recently uploaded (20)

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 

So you want to be a red teamer

  • 1. So, you want to be a red teamer?
  • 2.
    • CTO @
    • 10 years @ Citi
      – Vulnerability Assessment
      – Penetration Testing
      – Red Team
      – Purple Team
    • Certified SANS Instructor
      – Author SEC564: Red Team Exercises and Adversary Emulation
      – SEC560: Network Penetration Testing
      – SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
  • 4.
    ● Senior Red Teamer @ NVISO
    ● Founder of redteamer.tips
    ● Big believer in open sourcing tools
    ● Instructor candidate for SEC699
    https://redteamer.tips/so-you-want-to-be-a-pentester-and-or-red-teamer/
  • 5. Going back in time... erhmm… that’s too far back
  • 6. Going back in time...
  • 7. Going back in time...
  • 8. Going back in time...
  • 16.
    • Basic definitions
    • People - YOU! This is our focus today!
    • Process
    • Technology
    • SANS Promise
  • 17.
    • A hacker is a skilled individual who uses their technical knowledge to overcome a problem
    • A criminal is one who engages in illegal activities
  • 18. Vulnerability scanning
    • Definition: Automated (tool-based) scanning against assets (IPs or applications).
    • Goal: Identify low-hanging, known vulnerabilities, pre- or post-authentication.
    • Effort: Small; requires tool investment
      – Many vendors: Tenable Nessus, Rapid7 Nexpose, Qualys, AlienVault, IBM AppScan, HP WebInspect, etc.
    • Focus: Technology vulnerabilities, patches, configuration
    • Frequency: Weekly to monthly
    • Customer: System owners and operations teams
  • 19. Vulnerability assessment
    • Definition: Automated and manual assessment of assets in scope to find security vulnerabilities, which may or may not be used to get in or steal data.
    • Goal: Identify ALL vulnerabilities in assets in scope.
    • Effort: ~30% tool-based and ~70% manual testing
    • Focus: Assessments are broader and often include explicit policy and procedure reviews.
    • Frequency: Once per year or once per certification of product/version
    • Customer: System owners, operations, engineers, application stakeholders
  • 20. Penetration testing
    • Definition: Finding and exploiting vulnerabilities in technology
    • Goal: Report all exploitable vulnerabilities under controlled circumstances.
    • Effort: ~10% tool-based and ~90% manual testing
    • Frequency: ~once per year
    • Customer: System owners, operations, engineering, and application stakeholders
  • 21. Red teaming
    • Definition: The Red Team emulates the Tactics, Techniques, and Procedures (TTPs) of real adversaries to improve the people, processes, and technology in the target environment.
    • Goal: Make the Blue Team better. Train blue teams and measure whether their detection and response policies, procedures, and technologies are effective.
    • Effort: Manual; some Red Team automation tools
    • Frequency: Intelligence-led (new exploit, tool, or TTP)
    • Customer: Blue Teams
    “The practice of looking at a problem or situation from the perspective of an adversary” – Red Team Journal 1997
  • 22.
    • Created based on various organizations’ experiences
    • Not a step-by-step guide, but it should serve as a baseline for improvement and maturity
    • You can skip steps based on business requirements and goals
    • Every organization is different
    • Continuous improvement should not halt previous assessment types
  • 23.
    • Much like for organizations, this roadmap also holds true for your infosec career.
    • You don’t become a red teamer “overnight”
    • Red teaming takes vast knowledge in order to be successful, ranging from networking to operating system internals
    • Purple teaming requires you to have a balanced skill set in both offence and defence (that takes time).
  • 24.
    ● One of the great aspects of life is that no two people are the same.
    ● You can follow advice, but stay true to yourself and take your own path
    ● Do it because it’s your passion, not for the $$$
    ● Enjoy the journey, as it’s a never-ending one
  • 25.
    ● Don’t rush into things; take your time to learn
    ● Dare to ask! You are never alone in this community
      ○ Don’t ask us to do your homework though.. :)
  • 26.
    ● Probably the most asked question I get in my DMs
    ● Start with a solid use case, and go for it!
    ● Stack Overflow/Google/….
    ● Learn from toolsmiths such as byt3bl33d3r, RastaMouse, XPN, ...
  • 27.
    • SANS of course
      – SEC564: Red Team Exercises and Adversary Emulation
      – SEC565: Red Team Operations (coming soon)
      – SEC599 and SEC699: Purple Teaming and Advanced PT
    • Zero Point Security
    • PenTesterAcademy
    • BC-Security
    • FortyNorth
    • Many more
  • 28. Short answer: No, but…
    ● It helps pass HR gates in certain companies
    ● It shows you are capable of solving challenges
    ● They are a reward for your hard work and dedication
  • 29.
    • Cyber Kill Chain® – Lockheed Martin
    • Unified Cyber Kill Chain – Paul Pols
    • MITRE ATT&CK
    • Purple Team Exercise Framework (PTEF)
  • 30.
    • Tactics, Techniques, and Procedures (TTPs) are adversary behaviors
    • Tactics – 14 high-level adversary goals
    • Techniques – how the adversary achieves their goals
      – Sub-Techniques
    • Procedures – how to perform each technique
  • 31.
    • Coming from VA or PenTest you are familiar with CVE
      – Common Vulnerabilities and Exposures: http://cve.mitre.org/
      – Finding vulnerabilities in technology is fun!
      – Bug bounties pay!
    • Red Teamers may still find vulnerabilities and perform exploitation, but much less than a penetration tester
    • Exploitation is just a means to an end
  • 33.
    • Command and Control (C2) frameworks are the most common
    • C2 Matrix
      – Google Doc of most C2 frameworks
      – Documents various capabilities of each framework
      – There is no right or wrong, better or worse
      – Find the ideal C2 for your current objective
      – Wizard-like UI to select which one
      – www.thec2matrix.com
      – howto.thec2matrix.com
  • 34.
    • Download the free SANS Slingshot C2 Matrix Edition virtual machine
      – https://howto.thec2matrix.com/slingshot-c2-matrix-edition
    • Run the virtual machine in VMware (the free version is fine)
    • Follow the how-to guide to set up your first Command and Control server
    • Create a payload
    • Execute it on a target system (that you have permission to test)
    • Emulate various adversary behaviors
  • 35.
    • 564.1: Introduction and Planning of Red Team Exercises
      – Consume Cyber Threat Intelligence
      – Prepare for a Red Team engagement
      – Set up attack infrastructure
    • 564.2: Red Team Exercise Execution and Closure
      – Gain initial access
      – Emulate adversary behaviors aligned to ATT&CK
      – Provide value
  • 36.
    • Everything you do in offensive operations should bring business value
    • Focus on the original goals and objectives
    • Getting in and meeting the adversary objectives is great!
    • But report it with the same care and diligence you applied to the test
    • Put yourself in the perspective of the audience
    • Work together, collaborate, improve, repeat