So there’s a lot of confusion out there about Penetration Testing and Red Teaming. I wanted to put together a list of resources for those familiar with infosec or penetration testing who want to get into red teaming or at least get a better understanding of the methodologies and techniques used by red teamers.
First, it’s important to note that Red Teaming consists predominantly of two things: alternative analysis and adversary simulation. Red teams do not attempt to find “all the vulnerabilities” and do not usually try to have a wide breadth of coverage. Instead, red teams seek to simulate an adversary with a particular objective, predominantly to act as a “sparring partner” for blue teams. Keep in mind, red teams are the only adversary that will debrief with the blue team so that the blue team can figure out what they missed or could have done differently.
For more about the specific definition of Red Teaming, check out the presentation Red Teaming Probably Isn’t For You by fellow red teamer Toby Kohlenberg.
This is not intended to be a comprehensive list of everything you need to know, but more of a “differences course” for those with penetration testing or similar backgrounds to get an introduction to red teaming.
- Concepts of Red Teaming
- Penetration Testing vs Red Teaming
- Technical Resources (Not Necessarily Red Team Specific)
- Red Team Courses
- Conclusion
Concepts of Red Teaming
- Red Teaming Probably Isn’t For You by Toby Kohlenberg
- Red Team: How to Succeed By Thinking Like the Enemy by Micah Zenko
- US Army Red Team Handbook
- Laws of Red Teaming by Red Team Journal
- Network Attacks and Exploitation: A Framework by Matthew Monte
- Models for Red Team Operations
- 10 Red Teaming Lessons Learned Over 20 Years
Penetration Testing vs Red Teaming
- A Penetration Testing Maturity and Scoring Model
- Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency
- Microsoft Enterprise Cloud Red Teaming
- You’re Probably not Red Teaming
Technical Resources (Not Necessarily Red Team Specific)
- MITRE ATT&CK Framework
- Hacking to Get Caught by Raphael Mudge
- Modern Binary Exploitation by RPISEC
- Advanced Penetration Testing: Hacking the World’s Most Secure Networks
- Dirty Red Team Tricks
Red Team Courses
- Adaptive Threat Tactics by Cobalt Strike
- Corelan Bootcamp
- Adversary Tactics: Red Team Operations by SpecterOps
- Red Team Operations and Threat Emulation
Conclusion
This is by no means a comprehensive list, and if you have other suggestions, please let me know.