Hands-On Red Team Tactics
Red Teaming is used to enhance security by performing simulated attacks on an organization in order to detect network and system vulnerabilities. Hands-On Red Team Tactics starts with an overview of pentesting and Red Teaming, before giving you an introduction to few of the latest pentesting tools. We will then move on to exploring Metasploit and getting to grips with Armitage. Once you have studied the fundamentals, you will learn how to use Cobalt Strike and how to set up its team server. The book introduces some common lesser known techniques for pivoting and how to pivot over SSH, before using Cobalt Strike to pivot. This comprehensive guide demonstrates advanced methods of post-exploitation using Cobalt Strike and introduces you to Command and Control (C2) servers and redirectors. All this will help you achieve persistence using beacons and data exfiltration, and will also give you the chance to run through the methodology to use Red Team activity tools such as Empire during a Red Team activity on Active Directory and Domain Controller. In addition to this, you will explore maintaining persistent access, staying untraceable, and getting reverse connections over different C2 covert channels. By the end of this book, you will have learned about advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation.
Table of contents (257 chapters)
- Cover
- Title Page
- Copyright and Credits
- Hands-On Red Team Tactics
- Packt Upsell
- Why subscribe?
- Packt.com
- Contributors
- About the authors
- About the reviewers
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Disclaimer
- Red-Teaming and Pentesting
- Pentesting 101
- OWASP
- Open Source Security Testing Methodology Manual (OSSTMM)
- Information Systems Security Assessment Framework (ISSAF)
- Penetration Testing Execution Standard (PTES)
- Pre-engagement interactions
- Intelligence gathering
- Threat modeling
- Vulnerability analysis
- Exploitation
- Post-exploitation
- Reporting
- A different approach
- Methodology
- How is it different?
- Summary
- Questions
- Further reading
- Pentesting 2018
- Technical requirements
- MSFvenom Payload Creator
- Resource file
- Koadic
- Installation
- Why use MSHTA as the dropper payload?
- Terminology
- Stager establishment
- Payload execution
- Running Implants
- Pivoting
- Summary
- Questions
- Further reading
- Foreplay - Metasploit Basics
- Technical requirements
- Installing Metasploit
- Running Metasploit
- Auxiliaries
- Exploits
- Payloads
- Encoders
- Meterpreter
- Armitage and team server
- Metasploit with slack
- Armitage and Cortana scripts
- Summary
- Questions
- Further reading
- Getting Started with Cobalt Strike
- Technical requirements
- Planning a red-team exercise
- Cyber kill chain (CKC)
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and Control Server
- Actions
- Objective and goal
- Rules of Engagement (RoE)
- Scenario/strategy
- Deliverables
- Introduction to Cobalt Strike
- What is a team server?
- Cobalt Strike setup
- Cobalt Strike interface
- Toolbar
- Connecting to another team server
- Disconnecting from the team server
- Configure listeners
- Session graphs
- Session table
- Targets list
- Credentials
- Downloaded files
- Keystrokes
- Screenshots
- Payload generation – stageless Windows executable
- Payload generation – Java signed applet
- Payload generation – MS Office macros
- Scripted web delivery
- File hosting
- Managing the web server
- Server switchbar
- Customizing the team server
- Summary
- Questions
- Further reading
- ./ReverseShell
- Technical requirement
- Introduction to reverse connections
- Unencrypted reverse connections using netcat
- Encrypted reverse connections using OpenSSL
- Introduction to reverse shell connections
- Unencrypted reverse shell using netcat
- Encrypted reverse shell for *nix with OpenSSL packages installed
- Encrypted reverse shell using ncat
- Encrypted reverse shell using socat
- Encrypted reverse shell using cryptcat
- Reverse shell using powercat
- reverse_tcp
- reverse_tcp_rc4
- reverse_https
- reverse_https with a custom SSL certificate
- Meterpreter over ngrok
- Reverse shell cheat sheet
- Bash reverse shell
- Zsh reverse shell
- TCLsh/wish reverse shell
- Ksh reverse shell
- Netcat reverse shell
- Telnet reverse shell
- (G)awk reverse shell
- R reverse shell
- Python reverse shell
- Perl reverse shell
- Ruby reverse shell
- Php reverse shell
- Lua reverse shell
- Nodejs reverse shell
- Powershell reverse shell
- Socat reverse shell over TCP
- Socat reverse shell over UDP
- Socat reverse shell over SSL (cert.pem is the custom certificate)
- Summary
- Questions
- Further reading
- Pivoting
- Technical requirements
- Pivoting via SSH
- Meterpreter port forwarding
- Pivoting via Armitage
- Multi-level pivoting
- Summary
- Further reading
- Age of Empire - The Beginning
- Technical requirements
- Introduction to Empire
- Empire setup and installation
- Empire fundamentals
- Phase 1 – Listener Initiation
- Phase 2 – Stager Creation
- Phase 3 – Stager Execution
- Phase 4 – Acquiring Agent
- Phase 5 – Post Module Operations
- Empire post exploitation for Windows
- Empire post exploitation for Linux
- Empire post exploitation for OSX
- Popping up a Meterpreter session using Empire
- Slack notification for Empire agents
- Summary
- Questions
- Further reading
- Age of Empire - Owning Domain Controllers
- Getting into a Domain Controller using Empire
- Automating Active Directory exploitation using the DeathStar
- Empire GUI
- Summary
- Questions
- Further reading
- Cobalt Strike - Red Team Operations
- Technical requirements
- Cobalt Strike listeners
- Foreign-based listeners
- Cobalt Strike payloads
- Beacons
- The beacon menu
- Explore menu
- Beacon console
- Pivoting through Cobalt Strike
- Aggressor Scripts
- Summary
- Questions
- Further reading
- C2 - Master of Puppets
- Technical requirements
- Introduction to C2
- Cloud-based file sharing using C2
- Using Dropbox as the C2
- Using OneDrive as the C2
- C2 covert channels
- TCP
- UDP
- HTTP(S)
- DNS
- ICMP
- Summary
- Questions
- Further reading
- Obfuscating C2s - Introducing Redirectors
- Technical requirements
- Introduction to redirectors
- Obfuscating C2 securely
- Short-term and long-term redirectors
- Redirection methods
- Dumb pipe redirection
- Filtration/smart redirection
- Domain fronting
- Summary
- Questions
- Further reading
- Achieving Persistence
- Technical requirements
- Persistence via Armitage
- Persistence via Empire
- Persistence via Cobalt Strike
- Summary
- Further reading
- Data Exfiltration
- Technical requirements
- Exfiltration basics
- Exfiltration via Netcat
- Exfiltration via OpenSSL
- Exfiltration with PowerShell
- CloakifyFactory
- Running CloakifyFactory on Windows
- Data exfiltration via DNS
- Data exfiltration via Empire
- Summary
- Questions
- Further reading
- Assessment
- Chapter 1: Red-Teaming and Pentesting
- Chapter 2: Pentesting 2018
- Chapter 3: Foreplay – Metasploit Basics
- Chapter 4: Getting Started with Cobalt Strike
- Chapter 5: ./ReverseShell
- Chapter 7: Age of Empire – The Beginning
- Chapter 8: Age of Empire – Owning Domain Controllers
- Chapter 9: Cobalt Strike – Red Team Operations
- Chapter 10: C2 – Master of Puppets
- Chapter 11: Obfuscating C2s – Introducing Redirectors
- Chapter 13: Data Exfiltration
- Other Books You May Enjoy
- Leave a review - let other readers know what you think

Updated: 2021-08-13 15:37:38