Red Team/Penetration Methods

22nd October 2019

Large organizations have developed teams to test their security. The Red team plays the role of the attacker and the Blue team is the defender.

Penetration Methods:

Email is the OG method to get a link/executable/InterpreterHack in front of a user to deliver a payload.

Instant Messaging is similar to email with a different transport, same payload.

The SMS/MMS delivery method has typically delivered a QR code that, when scanned, takes the user to a misleading website. This provides a little obfuscation, but it could be a bare link.

Web portal + weak password / no MFA. Think Cloud services like Office365

Open inbound TCP ports + vulnerable software. NEVER pass RDP/TCP 3389 to an internal server. I find many security camera installers that ask to have ports forwarded so cameras can be monitored from offsite; it’s ironic to have your security system be the cause of the insecurity. Investigate Tailscale; it’s easy to use once you learn the basics.
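One way to audit your own edge firewall for the forwards described above. This is an added example, not part of the original post. It assumes the rules are available in `iptables-save` format and contain no negated (`!`) matches; the sample rules, addresses and severity labels are constructed.

```python
import ipaddress
import shlex

# Constructed sample in iptables-save format (nat table); all addresses are made up.
SAMPLE_RULES = """\
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.1.20:3389
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 192.168.1.64:80
-A PREROUTING -s 203.0.113.7/32 -i eth0 -p tcp -m tcp --dport 554 -j DNAT --to-destination 192.168.1.64:554
-A POSTROUTING -o eth0 -j MASQUERADE
"""
RDP_PORT = 3389

def _opt(tok, flag):
    # Value following an option flag, or None when the flag is absent.
    return tok[tok.index(flag) + 1] if flag in tok else None

def covers(spec, port):
    """True if a port spec ('3389', '3000:4000', '3000-4000') includes port; no spec = all ports."""
    lo, _, hi = (spec or "0:65535").replace("-", ":").partition(":")
    return int(lo) <= port <= int(hi or lo)

def parse_forwards(text):
    """Yield one dict per DNAT rule found in iptables-save output."""
    for line in text.splitlines():
        tok = shlex.split(line)
        if "DNAT" not in tok or "--to-destination" not in tok:
            continue
        host, _, to_port = _opt(tok, "--to-destination").partition(":")
        dport = _opt(tok, "--dport")
        yield {"proto": _opt(tok, "-p") or "all", "dport": dport,
               "source": _opt(tok, "-s"),  # None: reachable from any address
               "host": host.split("-")[0], "to_port": to_port or dport}

def audit(text):
    """Return (severity, description) for each forward into private address space."""
    findings = []
    for f in parse_forwards(text):
        if not ipaddress.ip_address(f["host"]).is_private:
            continue
        open_to_all = f["source"] in (None, "0.0.0.0/0")
        rdp = covers(f["dport"], RDP_PORT) or covers(f["to_port"], RDP_PORT)
        # The page's rule: never forward RDP to an internal server.
        sev = "critical" if rdp else "high" if open_to_all else "review"
        src = "any source" if open_to_all else f["source"]
        findings.append((sev, f"{f['proto']}/{f['dport']} -> {f['host']}:{f['to_port']} from {src}"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"[{s}] {m}" for s, m in audit(SAMPLE_RULES)))
```

Each finding is a forward to retire in favour of an overlay such as Tailscale; the source-restricted camera forward is marked `review` rather than cleared.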

A list of red team methods for password enumeration here. Good explanations.

Knowing how an attacker exploits your environment lets you create a plan to defend that environment.