Welcome to Scribd!

Skip carousel

13 - Reenz0h PDF

Uploaded by

EnoshShath

0% found this document useful (0 votes)

58 views25 pages

Original Title

13 - reenz0h.pdf

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

58 views25 pages

13 - Reenz0h PDF

Uploaded by

EnoshShath

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 25

Search inside document

HackCon#12, Oslo, Norway

Red/Purple Teaming
Warstories...
Bravo!

Crew
For awesome Con!
Disclaimer
The views and opinions expressed in this presentation are
those of the author and do not necessarily represent official
policy or position of my employer or of its clients.
about(me);
$ finger -l $USER

Login name: reenz0h In real life: reenz0h

Directory: /home/sweeTHome Shell: /usr/bin/ipython
Last login Tue Feb 14 23:21 on rawttyS0 from ::1
Unread mail since Tue Feb 14 23:40:24 2017
Plan:
* Senior Red Team Analyst
* Former (sys|net)admin
* Speaker/trainer
* Co-organizer of x33fcon conference

4
2/15/2017
RedTeaming

5
2/15/2017
Pentesting vs Redteaming
Can you get in through the window?
vs
Can you steal money?

Red Teaming:
Pentest: Full Scope,
Restricted Scope, Goal Based,
Controls Based, Leverages
Broad Coverage, Pressure Points
Less Depth

6
2/15/2017
Redteaming – P/D/R
Protect Detect Respond

Vulnerability
Centric
• Vulnerability scans 
• Classic Pentest
Exploit
Centric • Black Box/Grey Box 
Threat
Centric
• Threat Simulation
  

7
2/15/2017
Examples

8
2/15/2017
Example 1
Objective: Exfiltrate data from secured network

9
2/15/2017
Example 1 – cont.
Solution: Be like MacGyver, ride on Connect:Direct

10
2/15/2017
Example 2
Objective: Exfiltrate data (secured network w/ 2FA)

11
2/15/2017
Example 2 – cont.
Solution: Be like MacGyver, ride on SchTasks

12
2/15/2017
Example 3
Objective: Exfiltrate data (virtualized environment)

13
2/15/2017
Example 3 – cont.
Solution: be like MacGyver, ride on shared drive

14
2/15/2017
Bottom line?

15
2/15/2017
Be like MacGyver

16
2/15/2017
There’s only ONE MacGyver!

17
2/15/2017
Blue Team vs Red Team?

source: red-6.com

18
2/15/2017
Blue + Red = Purple Team

19
2/15/2017
Purple Teaming – how?
Internal Team External Team/Contractor

• Bubble Assignments (cross team • Detection opportunities

rotation) • Mini-detect phase
• Regular meetings Red/Blue • Log sharing
• Threat Intelligence sharing • Hands-on exercises
• Trainings/workshops • Fire drill

20
2/15/2017
MITRE ATT&CK Framework

• Post exploitation matrix

source: attack.mitre.org

• For both Red/Blue teams

21
2/15/2017
Purple Teaming - summary
• It’s hard!
• More realistic detection
• Better understanding of threat actors’ TTPs
• Cross-domain knowledge
• Building relations with other teams
• Talent hunting
• Improving offensive capabilities

source: bodybuilding.com
22
2/15/2017
When Red meets Blue...

 Fresh IT Security con in Gdynia, Poland

 Blue/Red Team collaboration
 April 24-28, 2017
 Great content, great speakers: mubix,
carnal0wnage, David Bianco, Jack Crook,
Dragon Sector, and more...
 Discount code (10%): hc17.24a1c58f
 Valid till end of Feb 2017!

https://www.x33fcon.com @x33fcon FB/x33fcon

24
2/15/2017
Thank you!

25
2/15/2017

Big Data Preprocessing: Enabling Smart Data
From Everand
Big Data Preprocessing: Enabling Smart Data
Julián Luengo
No ratings yet
How Do Machines Learn From Data?: Prof. Wei-Guang Teng Dept. of Engineering Science, NCKU
Document38 pages
How Do Machines Learn From Data?: Prof. Wei-Guang Teng Dept. of Engineering Science, NCKU
meiselina
No ratings yet
Data Mining Course Syllabus
Document57 pages
Data Mining Course Syllabus
Hiểu Nguyễn
No ratings yet
ch3 2
Document30 pages
ch3 2
楊喻妃
No ratings yet
2021 01 Slides l4 ML
Document253 pages
2021 01 Slides l4 ML
sajjad Baloch
No ratings yet
01.black Box ML
Document67 pages
01.black Box ML
sam king
No ratings yet
Chapter 9 Decision Making Under Uncertainty
Document15 pages
Chapter 9 Decision Making Under Uncertainty
jalilacastano
No ratings yet
Introduction To CRISP DM Framework For Data Science and Machine Learning
Document7 pages
Introduction To CRISP DM Framework For Data Science and Machine Learning
rameshsripada
No ratings yet
VLSI Partitioning Techniques
Document40 pages
VLSI Partitioning Techniques
john8880
No ratings yet
Decision Trees Explained - Entropy, Information Gain, Gini Index, CCP Pruning - by Shailey Dash - Towards Data Science
Document25 pages
Decision Trees Explained - Entropy, Information Gain, Gini Index, CCP Pruning - by Shailey Dash - Towards Data Science
Akash Mukherjee
No ratings yet
Data Mining Part 1: Ing. Ridho Rahmadi, M.SC
Document39 pages
Data Mining Part 1: Ing. Ridho Rahmadi, M.SC
Nizar Fahmi
No ratings yet
Jax Performance Paper
Document29 pages
Jax Performance Paper
LoLman
No ratings yet
Data Science
Document23 pages
Data Science
a v
No ratings yet
DLCV CH0 Syllabus v2
Document16 pages
DLCV CH0 Syllabus v2
Mario Parot
No ratings yet
P.P.Savani Chaitanya Vidya Sankul (CBSE) SESSION-2021-2022 Informatics Practices Standard: 12 Science
Document19 pages
P.P.Savani Chaitanya Vidya Sankul (CBSE) SESSION-2021-2022 Informatics Practices Standard: 12 Science
Aaditya Desai
No ratings yet
Data Mining: Model Overfitting Introduction To Data Mining, 2 Edition by Tan, Steinbach, Karpatne, Kumar
Document15 pages
Data Mining: Model Overfitting Introduction To Data Mining, 2 Edition by Tan, Steinbach, Karpatne, Kumar
Yosua Siregar
No ratings yet
0417 m17 QP 12
Document16 pages
0417 m17 QP 12
Mohammed MaGdy
No ratings yet
Data Strategy Guide
Document18 pages
Data Strategy Guide
Amit Jain
No ratings yet
Data Strategy Nov 6
Document35 pages
Data Strategy Nov 6
Amit Jain
No ratings yet
Les 2
Document35 pages
Les 2
viany lepro
No ratings yet
SMT Project 3-1
Document17 pages
SMT Project 3-1
surya
No ratings yet
Project Documents On Student Enrollment System
Document32 pages
Project Documents On Student Enrollment System
Sankalp Meshram
No ratings yet
4 Ways To Boost Simulation Data Processing Using Python - Keysight - EDA - 4may2017 - Webcast - Slides
Document59 pages
4 Ways To Boost Simulation Data Processing Using Python - Keysight - EDA - 4may2017 - Webcast - Slides
srescia
No ratings yet
Cambridge International Examinations: Information Technology 9626/32 March 2017
Document9 pages
Cambridge International Examinations: Information Technology 9626/32 March 2017
Mukisa Benjamin
No ratings yet
AISC - Learning To Simulate Complex Physics With Graph Networks
Document36 pages
AISC - Learning To Simulate Complex Physics With Graph Networks
Robon Rus
No ratings yet
Seismic Visualisation Using Python Language_240405_120657
Document28 pages
Seismic Visualisation Using Python Language_240405_120657
Armel Ambassa
No ratings yet
How Image Compression Reduces File Size
Document262 pages
How Image Compression Reduces File Size
Jayavardhini Gopal
No ratings yet
Abdelghani KABOT S CV 1675947915
Document2 pages
Abdelghani KABOT S CV 1675947915
hamada
No ratings yet
A Company's Digital Twin Process Simulation
Document38 pages
A Company's Digital Twin Process Simulation
Ajinkya Chavan
100% (2)
Engineering Decision Making Individual Project Outline
Document13 pages
Engineering Decision Making Individual Project Outline
Dynamix Solver
No ratings yet
How To Quickly Identify Behind Schedule and Over Budget Activity by Indicator UDF in Primavera P6 - Do Duy Khuong Blog
Document12 pages
How To Quickly Identify Behind Schedule and Over Budget Activity by Indicator UDF in Primavera P6 - Do Duy Khuong Blog
husam-h2252
No ratings yet
Data Modeling March 16
Document29 pages
Data Modeling March 16
Harsh Patel
No ratings yet
Data Modeling March 16
Document29 pages
Data Modeling March 16
Harsh Patel
No ratings yet
State of Cyber Security 2023
Document25 pages
State of Cyber Security 2023
Rushikesh Thombre
100% (1)
1_introduction_to_big_data_management_and_processing
Document42 pages
1_introduction_to_big_data_management_and_processing
tranngocbaooooo12062003
No ratings yet
MOWM Multiple Overlapping Window Method For RBF Bas - 2019 - Expert Systems Wit
Document16 pages
MOWM Multiple Overlapping Window Method For RBF Bas - 2019 - Expert Systems Wit
spike9444
No ratings yet
Image Processing on Raspberry Pi Cluster
Document9 pages
Image Processing on Raspberry Pi Cluster
fatima
No ratings yet
H00360200 F3 Week2
Document6 pages
H00360200 F3 Week2
陈健平
No ratings yet
A Use Case For Lorden's Inequality - by Tarek Samaali - Mar, 2022 - Towards Data Science
Document10 pages
A Use Case For Lorden's Inequality - by Tarek Samaali - Mar, 2022 - Towards Data Science
Jez Nehemiah
No ratings yet
5 Exciting Deep Learning Advancements To Keep Your Eye On in 2021 - by Andre Ye - Towards Data Science
Document12 pages
5 Exciting Deep Learning Advancements To Keep Your Eye On in 2021 - by Andre Ye - Towards Data Science
Marco Antonio Pretti
No ratings yet
12 Memory3
Document52 pages
12 Memory3
Petar
No ratings yet
Tensorflow PDF
Document35 pages
Tensorflow PDF
martinez
No ratings yet
CS161: Introduction To Computer Science I: Week 1
Document31 pages
CS161: Introduction To Computer Science I: Week 1
Vuong Phan Thi
No ratings yet
I apologize, upon further reflection I do not feel comfortable providing examples that could enable the non-consensual collection or use of personal data
Document36 pages
I apologize, upon further reflection I do not feel comfortable providing examples that could enable the non-consensual collection or use of personal data
me andan buscando
No ratings yet
Mlfinlab PyPI
Document7 pages
Mlfinlab PyPI
Vijay Kumar
No ratings yet
Machine Learning, Big Data y Procesamiento de
Document23 pages
Machine Learning, Big Data y Procesamiento de
Andrés Darío Suárez Guarnizo
No ratings yet
Machine Learning, Big Data and Image Processing
Document23 pages
Machine Learning, Big Data and Image Processing
Andrés Darío Suárez Guarnizo
No ratings yet
5 Matrix Data Analysis Diagram - Explained With Example
Document9 pages
5 Matrix Data Analysis Diagram - Explained With Example
ashwani patel
No ratings yet
Python Final Micro Project Python Final Micro Project: Commerce (University of Mumbai) Commerce (University of Mumbai)
Document33 pages
Python Final Micro Project Python Final Micro Project: Commerce (University of Mumbai) Commerce (University of Mumbai)
Tahesin T
No ratings yet
ACM AdaptiveMachineLearningBasedNetworkIntrusion
Document7 pages
ACM AdaptiveMachineLearningBasedNetworkIntrusion
Nithish K m
No ratings yet
Six-Sigma: It'S A Dirty Job: Andrew Gonce, Mckinsey Bob Landel and Jitendra Gupta Mba 08, Darden
Document31 pages
Six-Sigma: It'S A Dirty Job: Andrew Gonce, Mckinsey Bob Landel and Jitendra Gupta Mba 08, Darden
Spunky
No ratings yet
Data Mining
Document49 pages
Data Mining
Lôny Nêz
No ratings yet
Bab 1: Introduction To Big Data
Document8 pages
Bab 1: Introduction To Big Data
Nashi M.A
No ratings yet
3 October - Armis - Eliminate The IoT Security Blind Spot Slide Deck
Document12 pages
3 October - Armis - Eliminate The IoT Security Blind Spot Slide Deck
sairamsharklasers
No ratings yet
An Analysis of Scale Invariance in Object Detectio
Document11 pages
An Analysis of Scale Invariance in Object Detectio
V Prasanna Shrinivas
No ratings yet
Concepts and Techniques: Data Mining
Document79 pages
Concepts and Techniques: Data Mining
Xhy Kat
No ratings yet
OPC Excel Batch Reporting
Document6 pages
OPC Excel Batch Reporting
dddd
No ratings yet
ML-Lec-07-Decision Tree Overfitting
Document25 pages
ML-Lec-07-Decision Tree Overfitting
Hamza
No ratings yet
Tutorial Pres 1
Document28 pages
Tutorial Pres 1
Jonas Jixiao Wang
No ratings yet
DWDM Lab Manual: Department of Computer Science and Engineering
Document46 pages
DWDM Lab Manual: Department of Computer Science and Engineering
Dilli Books
No ratings yet
CNNW 20190417 000000 Anderson Cooper 360.webentities
Document148 pages
CNNW 20190417 000000 Anderson Cooper 360.webentities
EnoshShath
No ratings yet
Dirty Bad Secrets
Document4 pages
Dirty Bad Secrets
EnoshShath
No ratings yet
2007-08-29 SIDToday - SID Around The World Jumping Into Yorkshires Village Life With Both Feet
Document3 pages
2007-08-29 SIDToday - SID Around The World Jumping Into Yorkshires Village Life With Both Feet
EnoshShath
No ratings yet
Osint Tools
Document136 pages
Osint Tools
EnoshShath
No ratings yet
A Toolbox For The Intelligence Analyst
Document12 pages
A Toolbox For The Intelligence Analyst
Nelson G. Souza
100% (1)
Open Source Intelligence Handbook
Document57 pages
Open Source Intelligence Handbook
José Tolentino Bazán
83% (6)
Openssl DGST - Sha1 File1: This Generates The Private Key and Store It Encrypted (Using Password)
Document4 pages
Openssl DGST - Sha1 File1: This Generates The Private Key and Store It Encrypted (Using Password)
Suraj Padhy
No ratings yet
Beginner Guide To Cyber Security
Document7 pages
Beginner Guide To Cyber Security
Gangadhar
No ratings yet
CSE 477 Introduction to Computer Security Lecture
Document21 pages
CSE 477 Introduction to Computer Security Lecture
GOLAP HOSSAIN
No ratings yet
Computer System Security: Introduction, Goals, Threats & Defenses
Document155 pages
Computer System Security: Introduction, Goals, Threats & Defenses
श्री Krishna
No ratings yet
INFS1701 3617 T1 2023 LecW8
Document32 pages
INFS1701 3617 T1 2023 LecW8
Darren Nguyen
No ratings yet
Secure Architecture Principles
Document67 pages
Secure Architecture Principles
salim ucar
No ratings yet
Zero Trust Presentation
Document14 pages
Zero Trust Presentation
Edie Firdaus
No ratings yet
Implementation of Digital Signature Algorithm
Document8 pages
Implementation of Digital Signature Algorithm
rakesh_gundeti5612
No ratings yet
Zero Trust Architecture: Nist'S Guidance For A
Document14 pages
Zero Trust Architecture: Nist'S Guidance For A
Баке
No ratings yet
Blowfish Algorithm With Examples - GeeksforGeeks
Document27 pages
Blowfish Algorithm With Examples - GeeksforGeeks
xativiy256
No ratings yet
Home For Consumers: Avoid Scams
Document4 pages
Home For Consumers: Avoid Scams
Abang Nurazly
No ratings yet
Threat Model For Bwapp
Document38 pages
Threat Model For Bwapp
shinde_jayesh2005
No ratings yet
Module 11 - Software Development
Document45 pages
Module 11 - Software Development
Don Jino
No ratings yet
Documents Posters Encryption Plotter
Document1 page
Documents Posters Encryption Plotter
James Heath
No ratings yet
Avg Serial Keys
Document2 pages
Avg Serial Keys
shahan5star
No ratings yet
Email Security Report
Document15 pages
Email Security Report
Samir Soni
No ratings yet
Computer and Network Security Essentials 2018 PDF
Document609 pages
Computer and Network Security Essentials 2018 PDF
amitshivni
100% (5)
NIST 800-53 Rev 5.0
Document55 pages
NIST 800-53 Rev 5.0
adina
No ratings yet
PR 10
Document9 pages
PR 10
jivanlad22
No ratings yet
02 - Computing - ch5 - Security and Ethics
Document3 pages
02 - Computing - ch5 - Security and Ethics
Prince Jee Gulane Dj/Producer
No ratings yet
DAA Report
Document8 pages
DAA Report
Ahmed Razzaq
No ratings yet
2022TDR ExecutiveSummary
Document18 pages
2022TDR ExecutiveSummary
Iulian Mongescu
No ratings yet
Key Management Distribution Techniques
Document35 pages
Key Management Distribution Techniques
Soumak Poddar
No ratings yet
Ebook - A Complete Guide To Data Breaches
Document31 pages
Ebook - A Complete Guide To Data Breaches
Every Loot
No ratings yet
Integrigy Encrypting Sensitive Data in Oracle EBS
Document34 pages
Integrigy Encrypting Sensitive Data in Oracle EBS
Jai Soni
100% (1)
Homomorphic Encryption for IoT Security
Document15 pages
Homomorphic Encryption for IoT Security
Hareesh Arjun
No ratings yet
Key For NOD32
Document8 pages
Key For NOD32
Alin Hînceşti
No ratings yet
The MSPs Response Guide To A Ransomware Attack
Document4 pages
The MSPs Response Guide To A Ransomware Attack
deric soon
No ratings yet
Topic: Physical and Personnel Security Multiple Choice Questions
Document4 pages
Topic: Physical and Personnel Security Multiple Choice Questions
Ayesha Ali
No ratings yet
WPA3技术白皮书 6W100 整本手册
Document7 pages
WPA3技术白皮书 6W100 整本手册
justy0714
No ratings yet