HackDig : Dig high-quality web security articles for hackers

Red Teaming: How to Run Effective Cyber-Drills?

What is red teaming? How is it different from conventional penetration testing? Why do we need blue, red, and white teams? How are cyber-drills carried out, and what results should be expected? In this article, we will answer these and other questions related to red teaming. What is Red Teaming? The red team attacks, the blue team defends. The simple rules of
Publish At:2020-02-28 00:43 | Read:1073 | Comments:0 | Tags:Vulnerability Management Blue Team pentest Red Team

Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools

For the majority of people in the information security world, the act of offensive hacking is something they are tasked with protecting against but have little ability to do themselves. That is like asking a professional boxer to enter the ring without knowing how to throw a punch. Sure, you may be able to get in and last a few rounds, but eventually, a form
Publish At:2020-02-19 00:33 | Read:1055 | Comments:0 | Tags:Events Blue Team Red Team RSA

The importance of logs: You won’t see what you don’t log

Presentation on logging and auditing strategies (as given at Secure South West 11). Building on my blog post on Cisco’s security blog entitled The Importance of Logs, I put together a presentation that picks apart some of the practical aspects of building a successful logging capability focusing on the need to document “good” and curate 
Publish At:2019-09-19 17:35 | Read:1464 | Comments:0 | Tags:Presentations blue team hardening red team SecureSouthWest t

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heter
Publish At:2019-09-19 17:35 | Read:1505 | Comments:0 | Tags:Presentations analysis auditing Black Hat Europe blue team c

An offensive introduction to Active Directory on UNIX

By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Background to Active Directory i
Publish At:2019-09-19 17:35 | Read:1674 | Comments:0 | Tags:Blog analysis auditing Black Hat Europe blue team conference

Discover the secrets of the SOC

Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track). Simon Crocker, Cisco’s EMEAR lead for SOC Advisory looks at what goes into making a SOC work effectively. This talk discusses the core SOC requirements around monitoring and incident response function, but also touches on some of the other serv
Publish At:2019-09-19 17:35 | Read:1587 | Comments:0 | Tags:Presentations blue team C-Suite conference InfoSec Europe SO

Is that really you? The importance of identity in breach response and recovery

Presentation on Zero Trust and the importance of identity in breach response and recovery (as given at InfoSec Europe 2019 on the tech talk track). Richard Dean, Cisco’s EMEAR Head of Security Advisory Services, looks at Cisco’s approach to zero trust. This talk discusses the need to monitor your users’ access and privileges and how securing t
Publish At:2019-09-19 17:35 | Read:1673 | Comments:0 | Tags:Presentations blue team C-Suite conference incident response

So you want to build a SOC: Lessons from the front line

Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019). This talk will not help you build a SOC in only 60 minutes, but it will help you build a functional security operation over time. Building a SOC can be daunting. This talk will look at how to pick your fights and the key battle
Publish At:2019-09-19 17:35 | Read:1662 | Comments:0 | Tags:Presentations blue team conference SOC TTRS

Pentest Toolbox Additions 2016

I’ve added some handy tools to my pentest toolbox this year. You’ll find a short description of each with links to more information below. Whether red or blue team, you’ll want to know what these tools can do. Password Spraying: Password spraying is guessing a few passwords against a large list of users in order to avoid account lockout. You w
Publish At:2016-11-08 16:05 | Read:5679 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Blue Team

Cyber Security: Red Team, Blue Team and Purple Team

In military jargon, the term Red Team is traditionally used to identify highly skilled and organized groups acting as fictitious rivals and/or enemies to the “regular” forces, the Blue Team. Whenever we discuss Information Security from a defensive point of view, we are inclined to think about protection, damage control, and reaction. However, adopting an at
Publish At:2016-07-23 04:40 | Read:5926 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Blue Team Information Wa

Are we measuring Blue and Red right?

In security, many people see solutions to problems as a whole, all or nothing. Many times, even worse, they see security as a hindrance to the delivery of a project or even day-to-day actions. Even internally, in some organizations with the size and level of maturity to have both a Red and Blue team, you have rivalry between both. In this blog post I would li
Publish At:2015-11-02 18:50 | Read:2597 | Comments:0 | Tags:Blue Team

RDP TLS Certificate Deployment Using GPO

Remote Desktop has been the go-to remote administration tool for many IT professionals, and sadly many even expose it to the internet, leading to brute-force attacks and Man in the Middle attacks. I still remember the first time I saw how easy it is from Irongeek examples using Cain & Abel http://www.irongeek.com/i.php?page=videos/cain-rdp-terminal-server-mit
Publish At:2015-04-06 16:40 | Read:5928 | Comments:0 | Tags:Blue Team

