ARE YOU RED TEAM READY?

S
Sylvain Martinez
ARE YOU RED TEAM READY? Version: 1.2a Date: 26/09/2018 Author: Sylvain Martinez Reference: ESC12-MUSCL Classification: Public
2 • Vulnerability Assessment concept; • Penetration testing concept; • Red team concept; • Traditional cycle; • Red team cycle; • Red team realistic simulation; • Answering different questions; • Hacking scenario; • Hacking milestones; • Find targets; • Get physical access; • Compromise target; • Exfiltrate secret; • Do not get caught!; • Assembling the team; • Execution; • To be careful of; • To do as a priority; CONTENTS PUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT • Future of red teams; • Can you name those devices? • Answers RED TEAM READY
VULNERABILITY ASSESSMENT CONCEPT NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 3RED TEAM READYPUBLIC LARGE SCALE AUTOMATED CHEAP REGULAR Icons from the Noun Project unless specified otherwise
PRENETRATION TESTING CONCEPT 4RED TEAM READYPUBLIC FOCUSED SKILLED AND MORE MANUAL COSTS MORE ON DEMAND/LESS REGULAR NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
RED TEAM CONCEPT 5RED TEAM READYPUBLIC SCENARIO BASED HIGHLY SKILLED EXPANSIVE ON DEMAND/WHEN NEEDED NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
TRADITIONAL CYCLE 6RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4. VALIDATION 5. ANALYSIS6. REPORTING 7. PRESENTATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
RED TEAM CYCLE 7RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4d. EXFILTRATION 5. ANALYSIS6. REPORTING 7. PRESENTATION 4c. FOOTHOLD 4b. EXPLOITATION 4a. VALIDATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
RED TEAM REALISTIC SIMULATION 8RED TEAM READYPUBLIC PHYSICAL / LOGICAL / SOCIAL EMULATE HACKING TECHNICS ESTABLISH PERSISTANCE EXTRACT DATA DEMONSTRATE NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
ANSWERING DIFFERENT QUESTIONS! 9RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RED TEAM EXERCISE CAN MY CONTRACTS BE STOLEN? DO WE HAVE VULNERABILITIES?VULNERABILITY ASSESSMENT CAN MY WEBSITE BE HACKED?PENETRATION TESTING
HACKING SCENARIO 10RED TEAM READYPUBLIC OBJECTIVES • FINANCIAL CONTRACT GOT STOLEN 2 MONTHS AGO; • NOW STORED IN SECURED SERVER IN SECURED ROOM; • CAN THE CONTRACT BE STOLEN AGAIN? NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT INFORMATION GIVEN • NAME OF THE CONTRACT; • 3x INDIVIDUALS’ NAME RELEVANT TO THE CONTRACT; • THE COUNTRY WHERE THE CONTRACT IS LOCATED.
HACKING MILESTONES 11RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 1. FIND TARGETS 2. GET PHYSICAL ACCESS 3. COMPROMISE ASSET 4. EXFILTRATE SECRET 5. DO NOT GET CAUGHT!
FIND TARGETS 12RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
GET PHYSICAL ACCESS 13RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
COMPROMISE TARGET 14RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
EXFILTRATE SECRET 15RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
DO NOT GET CAUGHT! 16RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
ASSEMBLING THE TEAM 17RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
EXECUTION 18RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT PROFESSIONALISM MANDATE
TO BE CAREFUL OF 19RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RENAMING PEN TEST TO RED TEAM KEEPING STAFF HAPPY TRAINING STAY SAFE AND DON’T BECOME A TROJAN HORSE HOW REALISTIC CAN YOU BE SCENARIOS TOO WIDE/AMBITIOUS
TO DO AS A PRIORITY 20RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT CLEAR MILESTONES STAKEHOLDERS ENGAGEMENT BE REALISTIC PROVIDE COMPREHENSIVE THREAT VIEW GET A TEAM WITH DIFFERENT SKILLS
FUTURE OF RED TEAMS 21RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT MORE DEMANDS PURPLE TEAM OFFENSIVE LEGITIMISATION
CAN YOU NAME THOSE DEVICES? 22RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
ANSWERS 23RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
© 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.
1 of 24

ARE YOU RED TEAM READY?

Download to read offline
Technology

A look at what makes a Red Team special versus more traditional security services such as Vulnerability Assessment and Penetration Testing. Use case will also be provided to illustrate the points made in the presentation.

S
Sylvain Martinez

Recommended

PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYSylvain Martinez
234 views23 slides
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYSylvain Martinez
1.2K views21 slides
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONSylvain Martinez
5.5K views27 slides
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWSylvain Martinez
597 views21 slides
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
1.8K views18 slides
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
1.3K views39 slides

More Related Content

More from Sylvain Martinez

OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDSSylvain Martinez
286 views17 slides
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
888 views27 slides
The Art of CTFThe Art of CTF
The Art of CTFSylvain Martinez
223 views22 slides

More from Sylvain Martinez(19)

INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEW
Sylvain Martinez618 views
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
Sylvain Martinez286 views
IOT SecurityIOT Security
IOT Security
Sylvain Martinez888 views
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
Sylvain Martinez180 views
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
Sylvain Martinez206 views
The Art of CTFThe Art of CTF
The Art of CTF
Sylvain Martinez223 views
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
Sylvain Martinez457 views
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
Sylvain Martinez649 views
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez1.1K views
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
Sylvain Martinez195 views
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
Sylvain Martinez183 views
Ethical HackingEthical Hacking
Ethical Hacking
Sylvain Martinez249 views
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
Sylvain Martinez157 views
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez278 views
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
Sylvain Martinez766 views
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez196 views
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez285 views
Talk1 muscl club_v1_2Talk1 muscl club_v1_2
Talk1 muscl club_v1_2
Sylvain Martinez140 views
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez474 views

Recently uploaded

Recently uploaded(20)

The Research Portal of Catalonia: Growing more (information) & more (services)The Research Portal of Catalonia: Growing more (information) & more (services)
The Research Portal of Catalonia: Growing more (information) & more (services)
CSUC - Consorci de Serveis Universitaris de Catalunya51 views
Astera Labs: Intelligent Connectivity for Cloud and AI InfrastructureAstera Labs: Intelligent Connectivity for Cloud and AI Infrastructure
Astera Labs: Intelligent Connectivity for Cloud and AI Infrastructure
CXL Forum118 views
"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ..."Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
Fwdays29 views
Photowave Presentation Slides - 11.8.23.pptxPhotowave Presentation Slides - 11.8.23.pptx
Photowave Presentation Slides - 11.8.23.pptx
CXL Forum118 views
.conf Go 2023 - SIEM project @ SNF.conf Go 2023 - SIEM project @ SNF
.conf Go 2023 - SIEM project @ SNF
Splunk163 views
Green Leaf Consulting: Capabilities DeckGreen Leaf Consulting: Capabilities Deck
Green Leaf Consulting: Capabilities Deck
GreenLeafConsulting170 views
"Fast Start to Building on AWS", Igor Ivaniuk"Fast Start to Building on AWS", Igor Ivaniuk
"Fast Start to Building on AWS", Igor Ivaniuk
Fwdays31 views
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
Fwdays23 views
Data-centric AI and the convergence of data and model engineering: opportunit...Data-centric AI and the convergence of data and model engineering: opportunit...
Data-centric AI and the convergence of data and model engineering: opportunit...
Paolo Missier19 views
PharoJS - Zürich Smalltalk Group Meetup November 2023PharoJS - Zürich Smalltalk Group Meetup November 2023
PharoJS - Zürich Smalltalk Group Meetup November 2023
Noury Bouraqadi77 views
ThroughputThroughput
Throughput
Moisés Armani Ramírez28 views
AMD: 4th Generation EPYC CXL DemoAMD: 4th Generation EPYC CXL Demo
AMD: 4th Generation EPYC CXL Demo
CXL Forum117 views
"How we switched to Kanban and how it integrates with product planning", Vady..."How we switched to Kanban and how it integrates with product planning", Vady...
"How we switched to Kanban and how it integrates with product planning", Vady...
Fwdays59 views
CXL at OCPCXL at OCP
CXL at OCP
CXL Forum183 views
Web Dev - 1 PPT.pdfWeb Dev - 1 PPT.pdf
Web Dev - 1 PPT.pdf
gdsczhcet48 views
Combining Orchestration and Choreography for a Clean ArchitectureCombining Orchestration and Choreography for a Clean Architecture
Combining Orchestration and Choreography for a Clean Architecture
ThomasHeinrichs164 views
"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
Fwdays35 views
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad..."Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
Fwdays33 views
Spesifikasi Lengkap ASUS Vivobook Go 14Spesifikasi Lengkap ASUS Vivobook Go 14
Spesifikasi Lengkap ASUS Vivobook Go 14
Dot Semarang34 views
Transcript: The Details of Description Techniques tips and tangents on altern...Transcript: The Details of Description Techniques tips and tangents on altern...
Transcript: The Details of Description Techniques tips and tangents on altern...
BookNet Canada99 views

ARE YOU RED TEAM READY?

  • 1. ARE YOU RED TEAM READY? Version: 1.2a Date: 26/09/2018 Author: Sylvain Martinez Reference: ESC12-MUSCL Classification: Public
  • 2. 2 • Vulnerability Assessment concept; • Penetration testing concept; • Red team concept; • Traditional cycle; • Red team cycle; • Red team realistic simulation; • Answering different questions; • Hacking scenario; • Hacking milestones; • Find targets; • Get physical access; • Compromise target; • Exfiltrate secret; • Do not get caught!; • Assembling the team; • Execution; • To be careful of; • To do as a priority; CONTENTS PUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT • Future of red teams; • Can you name those devices? • Answers RED TEAM READY
  • 3. VULNERABILITY ASSESSMENT CONCEPT NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 3RED TEAM READYPUBLIC LARGE SCALE AUTOMATED CHEAP REGULAR Icons from the Noun Project unless specified otherwise
  • 4. PRENETRATION TESTING CONCEPT 4RED TEAM READYPUBLIC FOCUSED SKILLED AND MORE MANUAL COSTS MORE ON DEMAND/LESS REGULAR NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 5. RED TEAM CONCEPT 5RED TEAM READYPUBLIC SCENARIO BASED HIGHLY SKILLED EXPANSIVE ON DEMAND/WHEN NEEDED NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 6. TRADITIONAL CYCLE 6RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4. VALIDATION 5. ANALYSIS6. REPORTING 7. PRESENTATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 7. RED TEAM CYCLE 7RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4d. EXFILTRATION 5. ANALYSIS6. REPORTING 7. PRESENTATION 4c. FOOTHOLD 4b. EXPLOITATION 4a. VALIDATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 8. RED TEAM REALISTIC SIMULATION 8RED TEAM READYPUBLIC PHYSICAL / LOGICAL / SOCIAL EMULATE HACKING TECHNICS ESTABLISH PERSISTANCE EXTRACT DATA DEMONSTRATE NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 9. ANSWERING DIFFERENT QUESTIONS! 9RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RED TEAM EXERCISE CAN MY CONTRACTS BE STOLEN? DO WE HAVE VULNERABILITIES?VULNERABILITY ASSESSMENT CAN MY WEBSITE BE HACKED?PENETRATION TESTING
  • 10. HACKING SCENARIO 10RED TEAM READYPUBLIC OBJECTIVES • FINANCIAL CONTRACT GOT STOLEN 2 MONTHS AGO; • NOW STORED IN SECURED SERVER IN SECURED ROOM; • CAN THE CONTRACT BE STOLEN AGAIN? NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT INFORMATION GIVEN • NAME OF THE CONTRACT; • 3x INDIVIDUALS’ NAME RELEVANT TO THE CONTRACT; • THE COUNTRY WHERE THE CONTRACT IS LOCATED.
  • 11. HACKING MILESTONES 11RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 1. FIND TARGETS 2. GET PHYSICAL ACCESS 3. COMPROMISE ASSET 4. EXFILTRATE SECRET 5. DO NOT GET CAUGHT!
  • 12. FIND TARGETS 12RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 13. GET PHYSICAL ACCESS 13RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 14. COMPROMISE TARGET 14RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 15. EXFILTRATE SECRET 15RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 16. DO NOT GET CAUGHT! 16RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 17. ASSEMBLING THE TEAM 17RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 18. EXECUTION 18RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT PROFESSIONALISM MANDATE
  • 19. TO BE CAREFUL OF 19RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RENAMING PEN TEST TO RED TEAM KEEPING STAFF HAPPY TRAINING STAY SAFE AND DON’T BECOME A TROJAN HORSE HOW REALISTIC CAN YOU BE SCENARIOS TOO WIDE/AMBITIOUS
  • 20. TO DO AS A PRIORITY 20RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT CLEAR MILESTONES STAKEHOLDERS ENGAGEMENT BE REALISTIC PROVIDE COMPREHENSIVE THREAT VIEW GET A TEAM WITH DIFFERENT SKILLS
  • 21. FUTURE OF RED TEAMS 21RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT MORE DEMANDS PURPLE TEAM OFFENSIVE LEGITIMISATION
  • 22. CAN YOU NAME THOSE DEVICES? 22RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
  • 24. © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.