Getting paid to break into networks? Being on a Red Team is probably the coolest job in the coolest profession on earth which is of course cyber security. There is so much to learn from red team activities because to win you need to know your enemy. Moreover, Sun Tzu is purported to further say that “To know your enemy you must become your enemy.” That is what Kyle Hood and Matt Schmidt, both senior red teamers at Rapid7, do every day.
During this real training for free event Kyle and Matt will break down the attack path a red team follows and share some of their best use cases and examples like:
- Breaking into a bank has never been so easy, all we had to do was ask. How physical entry is as easy as a can of air and polite questions.
- Yes, I’d like a job, and a shell, please. How a resume landed us initial access in an international company.
- Are Shells acceptable, they are when My shell is in your Acceptable Use Policy. How we took over a technology company by embedding a staged payload in an AUP Phish.
We’ll put all of this in context with regard to MITRE ATT&CK. Some of the techniques discussed will be:
- T1566 001/002 – Phishing,
- T1072 - Software Deployment Tools,
- T1053 - Scheduled Task/Job,
- T1558 003 - Steal or Forge Kerberos Tickets: Kerberoasting
- And more
We will also discuss the difference between commodity pentesting and red teaming and further contrast the hybrid purple team variation to red teaming with more use cases and examples. We'll end with a look inside InsightVM and how it can help defenders identify some of the technology focused vulnerabilities in the organization, freeing up defenders’ time to focus on identifying the more advanced tactics, techniques and procedures.
Please join us for this technical and interesting event.