Table of Contents Overview of Red Teaming and Blue Teaming Key Roles and Responsibilities 2.1 Red Team Responsibilities 2.2 Blue Team Responsibilities Tools and Techniques 3.1 Common Red Team Tools 3.2 Common Blue Team Tools Attack and Defense Strategies 4.1 Offensive Strategies in Red Teaming 4.2 Defensive Strategies in Blue Teaming Mindset and Approach 5.1… Read More »Red Team vs Blue Team: What is the Difference?
Table of Contents Overview of SEBI Guidelines on Red Teaming Definition of Red Teaming Exercises Reporting Cybersecurity Incidents Incident Response Management Plan Cyber Crisis Management Plan (CCMP) Role of Security Operations Centers (SOCs) Compliance Timeline for Regulated Entities Preparing for SEBI Compliance Conclusion Overview of SEBI Guidelines on Red Teaming The Securities and Exchange Board… Read More »What are the SEBI guidelines on Red Teaming & Continuous Automated Red Teaming (CART)?
Link-Local Multicast Name Resolution (LLMNR), a seemingly important protocol in Windows environments, can be a silent accomplice for cyber adversaries seeking to exploit network vulnerabilities. Let us understand the technical intricacies of LLMNR and unravel how it can be exploited for reconnaissance purposes, examining each step from a Red Teamer’s perspective. Understanding LLMNR LLMNR is… Read More »Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that ensure secure communication over the internet. They provide data encryption, authentication, and integrity verification to protect sensitive information transmitted between a user’s web browser and a website, or between servers. This security is crucial for online transactions, sensitive data exchange,… Read More »Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL
Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?