A Security Operations Kickstarter
The most underutilized resource during a penetration test is the tester themselves. This book takes aim at how modern Security Operations teams can leverage the skillsets of penetration testers to improve their security posture and level up their detection game.
About the Book
Most modern-day businesses are required to have a Penetration Tester or Security Auditor review their systems annually for flaws and holes in their security. The professional tester will generally come onsite and spend on average two to three days on premise for the engagement before departing to write up their report, which will then be handed to IT Security to start remediation efforts.
This book looks at how to maximize the two to three-day window that the Penetration Tester is onsite, focusing not on how the tester finds the flaws, but instead on how the defensive security team can track the tester as they move through the network. The final goal being able to apply these tactical lessons learned to improving continuous monitoring and alerting for adverse behavior.
Topics Covered:
- Reconnaissance
- Scanning & Enumeration
- Gaining Access
- Maintaining Access
- Credential Stealing & Privilege Escalation
- Command & Control
- Data Exfiltration
Note: This book will never reach 100% completion. I expect to update, as new attacks are discovered. Upon purchase, you will receive free updates for life.