Raphael Mudge (aka @armitagehacker) recently published this great series of nine videos on learning the tradecraft of red team operations. The series totals over 4 hours and includes just a bit of a sales pitch for Cobalt Strike. It not only explains how to execute a targeted attack but also provides invaluable knowledge for understanding these attacks from a defender’s perspective.

Here is the intro video that discusses the Metasploit Framework and Cobalt Strike, and takes you through how both of these tools are organized.

The other eight videos are organized as follows:

  • Basic Exploitation (aka Hacking circa 2003): This lecture shows how to pick the right remote exploit, leverage brute-forced credentials, and pivot through SSH.
  • Getting a Foothold: Takes you through the client-side attack process: how to map the client-side attack surface, set up a listener, pick a memory corruption exploit, and (preferably) use features to get a foothold.
  • Social Engineering: Shows you how to set up a watering hole attack, create a phishing site, and get people to visit your attack through spear phishing.
  • Post Exploitation with Beacon: Dives into Cobalt Strike’s Beacon. Learn how to manage Beacon’s data channels, get an overview of its commands, and use Beacon to pivot into a network.
  • Post Exploitation with Meterpreter: Digs into interactive post-exploitation with Meterpreter. You will learn how to use Meterpreter, pivot through the target’s browser, escalate privileges, pivot, and use external tools through a pivot.
  • Lateral Movement: You’ll learn how to enumerate hosts and systems with built-in Windows commands, steal tokens, interrogate hosts to steal data, and use just Windows commands to compromise a fully-patched system by abusing trust relationships.
  • Offense in Depth: Dissects the process to get a foothold into the defenses you’ll encounter. You’ll learn how to avoid or get past defenses that prevent message delivery, prevent code execution, and detect or stop command and control.
  • Operations: Learn how to collaborate during a red team engagement, manage multiple team servers from one client, and load scripts to help you out.

Check out the remaining videos on Raphael’s Tradecraft – Red Team Operations – YouTube playlist.


Know of any other good videos to cover? Let us know in the comments below. Today’s post pic is from StrategicCyber.com. See ya!

