Dive into the mind of a threat actor and explore the nuances between pentesting and red teaming in this insightful conference talk from the Hack In The Box Security Conference. Learn about the commonly misunderstood discipline of red teaming, which goes beyond traditional pentesting into more advanced adversarial emulation. Discover the differences in tools, methodologies, and skills required for red teaming compared to pentesting. Gain valuable insights into what it takes to become a red team operator, including essential learning materials and certifications. Benefit from the speaker's 23 years of experience in offensive security as he shares his journey from pentester to red teamer. Explore topics such as offensive security domains, red team tactics, techniques, and procedures (TTPs), operation planning, and the additional benefits of red team engagements. Whether you're a seasoned security professional or aspiring to enter the field, acquire a deeper understanding of the red team mindset and its crucial role in enhancing organizational security.
Inside the Mind of a Threat Actor - Beyond Pentesting
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
WHOAMI: Phillip Wylie, CISSP, OSCP, GWAPT
Overview
My Offensive Security Career Path
What is Offensive Security?
Offensive Security Domains
Red Team != Pentesting
Differences
Tool Commonalities
Red Team Intro
Red Team TTPS
Red Team Operation Planning
Red Team Additional Benefits
Becoming a Red Team Operator
Resources
Taught by
Hack In The Box Security Conference
Related Courses
-
CVE Series: InstallerFileTakeOver (CVE-2021-41379)
-
API Security Through External Attack Surface Management
-
Offensive Hunting - Using Blue Team Techniques in Red Team Ops
-
Zero to Hero Pentesting - Enumeration - Kioptrix & Hack The Box
-
Red Team Engagements and the Forgotten Risk of Mobile Devices - DefCamp - 2019
-
So You Want to Red Team?
