Tribe of Hackers Red Team
eBook - ePub

Tribal Knowledge from the Best in Offensive Cybersecurity

  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android

About this book

Want Red Team offensive advice from the biggest cybersecurity names in the industry? Join our tribe. The Tribe of Hackers team is back with a new guide packed with insights from dozens of the world's leading Red Team security specialists. With their deep knowledge of system vulnerabilities and innovative solutions for correcting security flaws, Red Team hackers are in high demand. Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity takes the valuable lessons and popular interview format from the original Tribe of Hackers and dives deeper into the world of Red Team security with expert perspectives on issues like penetration testing and ethical hacking. This unique guide includes inspiring interviews from influential security specialists, including David Kennedy, Rob Fuller, Jayson E. Street, and Georgia Weidman, who share their real-world learnings on everything from Red Team tools and tactics to careers and communication, presentation strategies, legal concerns, and more.

  • Learn what it takes to secure a Red Team job and to stand out from other candidates
  • Discover how to hone your hacking skills while staying on the right side of the law
  • Get tips for collaborating on documentation and reporting
  • Explore ways to garner support from leadership on your security proposals
  • Identify the most important control to prevent compromising your network
  • Uncover the latest tools for Red Team offensive security

Whether you're new to Red Team security, an experienced practitioner, or ready to lead your own team, Tribe of Hackers Red Team has the real-world advice and practical guidance you need to advance your information security career and ready yourself for the Red Team offensive.

Frequently asked questions

Yes, you can access Tribe of Hackers Red Team by Marcus J. Carey, Jennifer Jin in PDF and/or ePUB format, as well as other popular books in Computer Science & Cryptography. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Wiley
Year
2019
Print ISBN
9781119643326
eBook ISBN
9781119643333
Edition
1
Subtopic
Cryptography

1
Marcus J. Carey

“Today, open source tools dominate the red team space, making it possible for more people to get familiar and practice.”
Twitter: @marcusjcarey • Website: https://www.linkedin.com/in/marcuscarey/
Marcus J. Carey is a cybersecurity community advocate and startup founder with more than 25 years of protecting government and commercial sensitive data. He started his cybersecurity career in U.S. Navy cryptology with further service in the National Security Agency (NSA).
How did you get your start on a red team?
The funny thing about my red team journey is I wasn’t technically a paid red teamer until I got fired from a job and had to make ends meet. I picked up work at an East Coast consultancy doing penetration testing and product development.
I was able to gain red team skills by working at the Defense Cyber Crime Center (DC3). There I did research, taught, and did course development. Amazingly, I had access to all the red team tools that you could imagine, plus every digital forensics tool on the planet. I also had the pleasure of working with a guy named Johnny Long who was quite the hacker and red teamer himself.
I’m extremely lucky to have been in those positions to prepare me for a red team role. Today, open source tools dominate the red team space, making it possible for more people to get familiar and practice.
They say luck is when preparation meets opportunity. It sucks that I was laid off, but it was a blessing to have red team skills to pay the bills.
What is the best way to get a red team job?
It is uncommon for people to start directly into red team jobs. The best way is to have or gain a skill such as internetworking, system administration, or software engineering and start out in a blue team role. Getting into a blue team role will allow you to gain cybersecurity experience and network with people in your dream role.
You can network internally and externally from your organization at local events and regional cybersecurity conferences. There are a couple of certifications tailored to red teaming that can get you noticed by red teams looking to add some human resources.
How can someone gain red team skills without getting in trouble with the law?
I recommend downloading virtual machines and web applications that have vulnerabilities on them when trying to learn at home. There are plenty out there; just be careful and don’t put them on the internet because they will be compromised in short order.
If you don’t have permission from the system owners to test or run tools, you are probably violating some law. If you are trying to get into red teaming, try to exploit only the systems that you own or systems that you have explicit written permission to exploit.
Why can’t we agree on what a red team is?
I think it’s human nature to want to differentiate from each other, especially in a competitive environment like the cybersecurity community. What I have learned is that there are only so many ways to solve problems. Many times we end up with the same solutions to the same problems we see. We end up having different names for the same thing. The old saying “There are no new ideas under the sun” is proven right every time I talk to people trying to solve the same issues.
What is one thing the rest of information security doesn’t understand about being on a red team? What is the most toxic falsehood you have heard related to red, blue, or purple teams?
There is a natural conflict between the red team and the blue team caused by a mixture of bad experiences and misunderstandings. I think the toxic bit sometimes comes from people making mistakes like taking down servers or leaving malware on endpoints. The problem is that everyone hears red team horror stories, and there isn’t a lot of data that backs anything up.
When should you introduce a formal red team into an organization’s security program?
I believe that everyone in information technology and software engineering should know how to build, secure, and hack anything they are in charge of. My crazy vision is everyone always threat modeling and red teaming everything they do. You don’t need to have red team as your title to utilize red team skills. I always say, “Hack more. Worry less.”
How do you explain the value of red teaming to a reluctant or nontechnical client or organization?
I believe the best way to do this is to explain that even though the red team has an adversarial role, internal and external red team goals are aligned in the sense that we all want to protect sensitive data and critical systems. To keep the trust over time, red teams should always avoid showing up blue teams and internal stakeholders. You can only do this by working closely as a team. It takes only one bad experience to potentially ruin these relationships.
What is the least bang-for-your-buck security control that you see implemented?
Antivirus.
Have you ever recommended not doing a red team engagement?
I certainly have. I recommend that the organization start with vulnerability management and getting policy and governance into play. I see too many organizations out there getting “penetration tested” for compliance. I put those words in quotes because organizations are typically getting a limited-scope vulnerability scan.
What’s the most important or easiest-to-implement control that can prevent you from compromising a system or network?
I’m going to go with restricting administrative privileges for end users. I’ve seen firsthand how this drastically reduces infections on a network. This simple control applies to organizations of any size. Restricting privileges is easy to implement and scale.
Why do you feel it is critical to stay within the rules of engagement?
The only difference between a good person and a bad person is that the good person follows the rules. Violating the rules of engagement breaks the trust between teams. If you violate the rules of engagement, you may be breaking the law as well.
If you were ever busted on a penetration test or other engagement, how did you handle it?
One of the most embarrassing things I ever did related to red teaming is owning a USB thumb drive with a volume name of Marcus Carey. I ended up using the thumb drive in a server, and the forensics software detected the device that had my name on it.
I’ll never make that mistake again. I’m sharing this story so it doesn’t happen to you. Sharing is caring!
What is the biggest ethical quandary you experienced while on an assigned objective?
The biggest ethical quandary is being intentionally deceptive in spear phishing and social engineering. This is primarily because you could cause actual harm to people and their livelihoods on the other side of the phish.
One of my mentors would always ask for a few executives to be in scope in every engagement so management couldn’t blame it on their staff. He wasn’t satisfied until an executive was compromised. Sometimes he’d conceal the identity of the person whom he compromised so they wouldn’t get in trouble.
How does the red team work together to get the job done?
If you are working with a team, communication is the most important element. Split up work and ensure you document everything that you do on an engagement. Trust is important as well, because I’ve seen situations where team members lose faith in their teammates.
I recommend using collaborative tools so everyone can see what their teammates are doing. Transparency always wins. One more thing, don’t be afraid to ask for help; that’s what teammates are for. If your teammate is an expert at a certain thing, simply ask for help.
What is your approach to debriefing and supporting blue teams after an operation is completed?
Professionalism is the key. Since we are all human, feelings can come into play when debriefing to internal and external blue teams. Always let them know you are on the same team as far as the big mission goes. If you do it right, they will have a detailed plan for how to correct any issues you discovered.
The hard part is when you help someone and then come back in the future and find that the same issues exist. Don’t get mad. Try not to get burnt out. Stay professional and try to help. You can lead a horse to water, but you can’t make it drink.
If you were to switch to blue team, what would be your first step to better defend against attacks?
I’m blue team for life, but I occasionally red team. The first step to being able to defend against attacks is putting policy in place and following it. I repeat, follow it.
People don’t implement policies because it feels cumbersome. Security policy should be looked at like a map. You may not be where the policy says you are, but if you don’t have a map, you’ll never reach your destination.
What is some practical advice on writing a good report?
My advice is to ...

Table of contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Acknowledgments
  5. Introduction
  6. 1 Marcus J. Carey
  7. 2 David Bell
  8. 3 Paul Brager
  9. 4 Beau Bullock
  10. 5 Christopher Campbell
  11. 6 Stephanie Carruthers
  12. 7 Mark Clayton
  13. 8 Ben Donnelly
  14. 9 Skip Duckwall
  15. 10 Ronald Eddings
  16. 11 Justin Elze
  17. 12 Mike Felch
  18. 13 Kevin Figueroa
  19. 14 Marco Figueroa
  20. 15 Jared Folkins
  21. 16 Rob Fuller
  22. 17 Patrick Fussell
  23. 18 Chris Gates
  24. 19 Brian Genz
  25. 20 Jared Haight
  26. 21 Stephen Hilt
  27. 22 Brent Kennedy
  28. 23 David Kennedy
  29. 24 Maggie Ligon
  30. 25 Jeffrey Man
  31. 26 Tim MalcomVetter
  32. 27 Brandon McCrillis
  33. 28 Oddvar Moe
  34. 29 Chris Nickerson
  35. 30 Ryan O’Horo
  36. 31 Carlos Perez
  37. 32 Francesc Rodriguez
  38. 33 Derek Rook
  39. 34 Isaiah Sarju
  40. 35 Mary Sawyer
  41. 36 Bradley Schaufenbuel
  42. 37 Tinker Secor
  43. 38 Jayson E. Street
  44. 39 Chris Truncer
  45. 40 Carl Vincent
  46. 41 Georgia Weidman
  47. 42 Adam Willard
  48. 43 Jake Williams
  49. 44 Robert Willis
  50. 45 Robin Wood
  51. 46 Wirefall
  52. 47 Phillip Wylie
  53. Epilogue
  54. End User License Agreement