Adversarial Tradecraft in Cybersecurity: Offense versus defense in real-time computer conflict
內容描述
Master cutting-edge techniques and countermeasures to protect your organization from live hackers. Learn how to harness cyber deception in your operations to gain an edge over the competition.Key Features: Gain an advantage against live hackers in a competition or real computing environmentUnderstand advanced red team and blue team techniques with code examplesLearn to battle in short-term memory, whether remaining unseen (red teams) or monitoring an attacker's traffic (blue teams)Book Description: Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.This book contains two subsections in each chapter, specifically focusing on the red and blue teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.Once you cover the basics, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors' motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will grasp how to perform advanced research and conclude an operation.By the end of this book, you will have achieved a solid understanding of cyberattacks from both an attacker's and a defender's perspective.What You Will Learn: Understand how to implement process injection and how to detect itTurn the tables on the offense with active defenseDisappear on the defender's system, by tampering with defensive sensorsUpskill in using deception with your backdoors and countermeasures including honeypotsKick someone else from a computer you are on and gain the upper handWho this book is for: Pentesters to red teamers, security operations center analysts to incident responders, attackers, defenders, general hackers, advanced computer users, and security engineers should gain a lot from this book. This book will also be beneficial to those getting into purple teaming or adversarial simulations, as it includes processes for gaining an advantage over the other team. Basic knowledge of Python programming, Go programming, Bash, PowerShell, and systems administration is desirable. Furthermore, knowledge of incident response and Linux is beneficial. Prior exposure to cybersecurity, penetration testing, and ethical hacking basics would be a plus.