There are various types of cyber security assessments that can be carried out to enhance the security of a given subject, but when it comes to redteaming things get much more intense, sophisticated and serious.
Redteamers or redteams are often viewed in a grey shade because of the way they test and the sophistication involved.
So here I will be breaking some of the myths, and let's see how it is different from normal pentesting.
The operational approach of normal pentesting is often target-driven. By this I mean that the scope of conventional pentesting is usually narrowed down based on the target (web app, mobile app, networks etc.).
In pentesting we often look for vulnerabilities and misconfigurations that can be used to escalate the situation.
When it comes to redteam operations, the main purpose of a redteam is to stage an attack on a target exactly the way a criminal would, and the scale of the target in these operations is much larger than in normal pentests.
Redteams are often hired by scientific facilities, institutes, corporates and government organizations to perform these operations.
While performing these operations the redteam brings a beautiful amalgamation of various aspects of information security to the table. They include social engineering, open source intelligence and deep reconnaissance in their bag of tricks when approaching targets.
The main highlight, and the reason behind a redteam's versatile approach to security assessments, is the team members. Members of a typical redteam have solid and deep knowledge and skills in particular domains of information security, and each of them contributes equally to a redteam operation.
When an organization goes for a redteam operation, the team starts out as just a normal user plugged into their network. The teammates then escalate and become a domain admin. The path is not simple, as the team encounters the various defence mechanisms employed by the organization and certainly bypasses them.
The most important and very tough task is to get an initial foothold into the system, usually through phishing! This seems very easy at first (as shown in YouTube videos), but it is the toughest part of getting your first hold on the target system. This might involve an Outlook malware (which comes under advanced phishing attacks!) or a simple FUD (fully undetectable) malicious PowerShell payload!
Redteams deploy very sophisticated and covert infrastructure. This can be done using VPS providers like AWS, DigitalOcean and the like. The key thing redteamers keep in mind is to flow into the network like a normal packet and bypass detections, and that needs a lot of homework! There can be different hosts for different tasks like C2, redirectors and data exfiltration.
You can also go for serverless redteaming infrastructure using AWS Lambda. This is something new!
This was just a small guide about redteaming! The field is huge, and Bluefire redteam loves it!
To be great at hacking, you have to go wild and offensive in security. That is why redteaming rocks! 🤘