Red Team

SAVE OFFLINE

RED TEAMING A real-world Attack Simulation

By Bhashit Pandya

INTRODUCTION Basically 2 teams:

Red Team

2

Blue Team

INTRODUCTION

Blue Team A group of team for defence.

3

INTRODUCTION

Red Team A group with an aim to improve the organization security.

4

INTRODUCTION

So, Whats Common?

5

INTRODUCTION

Whats diference between them?

6

RED TEAM QUALITITES Out of box Thinking ● Creativity ● Problem Solvers ● Not Bothered by Rules and Law. ● Problems from Multiple Perspective ● Probing side of Problem or Solution that was never considered. ● Leadership. ●

7

RED TEAM GOALS Enhance decision making. ● Apply the mindset for better planning and problem solving. ● To Challenge the current security policies. ● Test readiness. ●

8

RED TEAM CAPABILITIES Penetration Testing ● Social Engineering ● OSINT ● SIGINT ● HUMINT ● Idenitfy vulnerabilities in the PPT(People, Process and Technology). ● Aware of Potential oppponent’s TTP(Tectics, Techiniques, Procedures). ●

9

RED TEAM ASSESSMENT

What it is?

10

RED TEAM ASESSMENT PHASES Phases: 1. OPORD 2. Recon 3. Target ID 4. Live Run 5. Report

11

RED TEAM ASESSMENT PHASES OPORD

Recon

Target ID

Live Run

Report

12

RED TEAM INCLUDES ●

Penetration Testing.

●

AV Evasions.

●

Phishing and Vishing.

●

Exploit frameworks

●

Implant Creation

●

Lateral Movements

●

Physical Devices

●

C2 servers.

●

Anything which chllanges an organization security policies

13

RED TEAM FREE TRAINING ●

●

Tradecraft - A course on red team operations by Raphael Mudge Advanced Threat Tactics Course & Notes by Cobalt Strike

14

CERTIFICATES? ●

CREST Certifed Simulated Attack Specialist

●

CREST Certifed Simulated Attack Manager

●

SEC564: Red Team Operations and Threat Emulation

15

RED TEAM? ●

Any Task Given to red teamer is to be completed by hook or by crook.

●

Real adversaries never follow rules.

●

They can have their own rules and principles.

16

RED TEAM

When in doubt red team!

Thank You!

17