Overview – red team methodology

The red team uses multiple means to test an organization's controls and behaviors of personnel in the organization, using their own methodology that is similar to what we've learned about the Cyber Kill Chain:

  • Reconnaissance:
    • What can we find out about the target?
    • Where are the weaknesses?
    • How can we exploit them?
  • Weaponization:
    • What do we need to develop to exploit the vulnerability that we found?
  • Delivery:
    • How are we going to package this?
  • Exploitation:
    • How are we going to get the vulnerability to do what we want?
  • Post-Exploitation:
    • We are in! What are we going to do now?
  • Reporting:
    • Did we get what we wanted? 
    • Why or why not?
    • Who needs to know this?
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.118.226.66