Teaming 101
CYBERONICS | HACKTOBERFEST 2K22
Whoami >
Linked-IN | Blog
TABLE OF CONTENTS
01 Red Team Intro: Basic introduction about Red Team Engagements
02 Red Team Components: Various components for Red Team Engagements
03 Red Team Life Cycle
04 MitreAttack: More About Mitre Framework
INTRODUCTION
Red Team engagements are not an offensive technique; they are generally a process of recreating or simulating a real-world cyber attack to determine or observe the various types of vulnerabilities that exist in an organisation.
RED TEAM OBJECTIVES
Hardware: Multiple pieces of hardware components like servers, computers, IoT devices, etc.
Network: Multiple pieces of network components for data transmission and communication
Active Directory
Escalation, Evasion & Persistence
Domains: It generally manages groups & objects
Domain Controller: A centralized controller, which typically controls the rest of the domains
Organisational Unit [OU]: Container of groups, computers, users & printers, etc.
Forest: A collection of multiple domains
Object: User, group, printers, shared drives, etc.
AD Components
Users & Groups
User: Users are the group inside AD
Example: person1.abc.com
By default, a DC comes with 2 users: Administrator and Guest
User Classification
Users are classified into 4 major sections:
Domain Admin
Service Account: SQL, Jenkins, etc.
Local Admin: Privileged users
Domain User: Daily users
AD Components
Domain Trust: The process of assigning or gaining access to the resources
Services: A service with specific functions
Domain Services
Certificate Services
Federation Services
Rights Management Services
Policy: Assigning restrictions and privileges to the users and computers.
Command & Control
C2C
A command-and-control [C&C] server is a computer controlled by an attacker or adversary, which is used to send commands to systems compromised by malware and receive stolen data from a target network.
Commonly Used C2C
A cross-platform, post-exploit, red teaming
Merlin
Merlin is a post-exploitation Command & Control server and agent written in Go.
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET,
Commercial C2C frameworks
C2C framework developed by MITRE
Demo !
Escalation, Evasion & Persistence
Escalation: The process of gaining high-privileged access
ECPTX: Certified Penetration Tester eXtreme (E-learn Security)
CRTE: Certified Red Team Expert (Pentester Academy)
THANKS!
Do you have any questions?