Book Name: Red Team – Development And Operations
Author: Joe VEST & James TUBBERVILLE
Docs: https://redteam.guide/docs/
Topic: Red Teaming
Level: Advanced
Hi all! I’m here with a new book review. I have been interested in security topics like offensive security and red teaming for a long time. Now we will cover an excellent book for this type of operation. Maybe you won’t be a god red teamer, but you will learn lots of things and your mindset will change. You can see some mental questions in this book; I think that means this book is not only about technical skills but covers mental skills and mindset too.
The book’s cover is very good and feels high quality, and so does the paper. Images, shapes, charts, etc. are well planned and placed. The authors use these visual objects well to transfer knowledge to the reader. General legibility is good, but maybe some pictures could be better than they are now.
I want to continue with “What can you learn with this?”. Let’s start with the content. After that I will try to explain the sections.
The book starts with “How to use this book?” and “What is Red Team?”. The story begins for you after that.
Introduction
The story starts here, and you will learn the general keywords. You will find answers to “Why do Threats Succeed?”. The authors cover scenarios and the plan behind the success in these scenarios, with methods like human attacks, physical attacks, etc. Also, you will learn the differences between penetration tests, vulnerability assessments, and red teaming operations.
Engagement Planning
If you perform a security operation, whether a penetration test or a red team engagement, you must be planned and disciplined. Lots of things should always be clear: costs (equipment, travel, etc.), effort, employees, duration, and especially the “Rules of Engagement”. In this chapter, you will learn how to plan an operation, zero to hero style. You can also learn about the MITRE ATT&CK framework, threats, actors, TTPs, terms, and really lots of things 🙂 I can’t write everything here, to keep this brief.
Engagement Execution
We started, we planned, and everything seems good. Now we must perform our art 🙂 This chapter has answers to the “How can you store the execution data?” question: logging, tips for scanning, taking notes, tools, tool examples, use cases, technical suggestions, etc. Hands-on hacking starts now.
Engagement Culmination
Sanitization and cleanup: we perform some technical art for customers, and we use tools or malware to do that. We can clear all of them. If the RoE contains “log clearance” you can clear logs; otherwise, you must not clear them 🙂 This chapter will be important for you, especially if you are a newbie in the cyber world.
Engagement Reporting
If you cannot explain your finding, you cannot do your job well. Your first job is finding vulnerabilities, misconfigurations, etc. That part is done, but if you cannot describe the finding clearly, your customer cannot fix the issue. The Blue Team side must also know your TTPs to improve its security posture and alerts. This chapter covers charts, diagrams, advanced reporting techniques, etc.
Summary, Conclusion and Appendix
In this chapter, the authors describe what you should do next. Red team scenario explanations, TTP examples, mindset challenges: you can find different things here.
Finally, I would say you will enjoy reading this book. Your technical and soft skills will improve with it. Thanks to the authors for this excellent book and for sharing their knowledge 🙂
Thanks for your time and your interest.
Berk KIRAS – Cyber Security Consultant
Obviously like your web site; however, you have to test the spelling on quite a few of your posts. Many of them are rife with spelling issues and I find it very troublesome to inform the truth; nevertheless, I will definitely come back again.
Pretty! This was a really wonderful post. Thank you for your provided information.