更新时间:2021-08-13 15:37:38
封面
Title Page
Copyright and Credits
Hands-On Red Team Tactics
Packt Upsell
Why subscribe?
Packt.com
Contributors
About the authors
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Disclaimer
Red-Teaming and Pentesting
Pentesting 101
OWASP
Open Source Security Testing Methodology Manual (OSSTMM)
Information Systems Security Assessment Framework (ISSAF)
Penetration Testing Execution Standard (PTES)
Pre-engagement interactions
Intelligence gathering
Threat modeling
Vulnerability analysis
Exploitation
Post-exploitation
Reporting
A different approach
Methodology
How is it different?
Summary
Questions
Further reading
Pentesting 2018
Technical requirements
MSFvenom Payload Creator
Resource file
Koadic
Installation
Why use MSHTA as the dropper payload?
Terminology
Stager establishment
Payload execution
Running Implants
Pivoting
Foreplay - Metasploit Basics
Installing Metasploit
Running Metasploit
Auxiliaries
Exploits
Payloads
Encoders
Meterpreter
Armitage and team server
Metasploit with slack
Armitage and Cortana scripts
Getting Started with Cobalt Strike
Planning a red-team exercise
Cyber kill chain (CKC)
Reconnaissance
Weaponization
Delivery
Command and Control Server
Actions
Objective and goal
Rules of Engagement (RoE)
Scenario/strategy
Deliverables
Introduction to Cobalt Strike
What is a team server?
Cobalt Strike setup
Cobalt Strike interface
Toolbar
Connecting to another team server
Disconnecting from the team server
Configure listeners
Session graphs
Session table
Targets list
Credentials
Downloaded files
Keystrokes
Screenshots
Payload generation – stageless Windows executable
