Your Guardian in the Cyber World
After completing the CCSP certification, I decided to switch gears and pick-up a book focusing on red teaming or adversary emulation. I chose How to Hack Like a LEGEND by Sparc Flow. This book is part of the series, Hack The Planet. The first edition of this book was independently published by the author in […]
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. A well designed Command and Control (C2) infrastructure is critical to the success of an adversary emulation exercise. During an engagement, established C2 sessions may get disconnected frequently. Whenever this happens, there might be a temptation to re-exploit the target […]
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. If you want to beat your adversaries, think like them. A common adage we have all heard. MITRE ATT&CK is just that. A framework to think like adversaries and beat them in their game. It is a culmination of […]
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. Adversary Emulation is a form of cybersecurity assessment. During this assessment assessors replicate a specific threat scenario. For example, assessors may assume the role of cyber criminals who want to exfiltrate customer data out of the organization. Another scenario could […]
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. The lifecycle consisted of following phases, with phases 3-6 being cyclic in nature: Recon (Information Gathering) – In this phase, publicly available information (website, company profile, social media pages, employee profiles etc.) is gathered about the target organization. Initial Compromise […]
