The Red Team and the Blue Team are now obsolete.
The only manual you need is this: "TCTFM"
The Complete Team Field Manual is the most comprehensive cybersecurity manual around that includes all the different techniques and approaches of the blue and red teams.
This book contains:
- the basic syntax for commonly used Linux and Windows command line tools
- unique use cases for powerful tools such as Python and Windows PowerShell
- five core functions of Identify, Protect, Detect, Respond, and Recover
- tactical steps and commands to use when preparing working through
- recovering commands after Cyber Security Incident
- more importantly, it should teach you some new secret techniques
Scroll up and buy this manual. It will be the only book you will use!?
Author(s): Allyson Brian
Publisher: Independently published
Year: 2021
Language: English
Pages: 165
1*NIX
1.1GENERAL INFORMATION
1.1.1Linux Kernels
1.1.2Linux Common Directories and Configuration Files
1.1.3Linux System Information
1.1.4Linux Network Commands
1.1.5Linux Basic and Administrative Commands
1.2INITIAL ACCESS
1.2.1ATTACK
1.2.2DETECTION
1.3EXECUTION
1.3.1ATTACK
1.3.2DETECTION
1.4PERSISTENCE
1.4.1ATTACK
1.4.2DETECTION
1.5PRIVILEGE ESCALATION
1.5.1ATTACK
1.5.2DETECTION
1.6DEFENSE EVASION
1.6.1ATTACK
1.6.2DETECTION
1.7CREDENTIAL ACCESS
1.7.1ATTACK
1.7.2DETECTION
1.8DISCOVERY
1.8.1ATTACK
1.8.2DETECTION
1.9LATERAL MOVEMENT
1.9.1ATTACK
1.9.2DETECTION
1.10COLLECTION
1.10.1ATTACK
1.10.2DETECTION
1.11COMMAND AND CONTROL
1.11.1Relevant Information
1.11.2ATTACK
1.11.3DETECTION
1.12EXFILTRATION
1.12.1ATTACK
1.12.2DETECTION
2WINDOWS
2.1GENERAL INFORMATION
2.1.1Windows NT versions
2.1.2Commonly Used Windows Registry Locations
2.1.3Windows Directories
2.1.4Windows cmd basics
2.1.5Windows powershell
2.2INITIAL ACCESS
2.2.1ATTACK
2.2.2DETECTION
2.3EXECUTION
2.3.1ATTACK
2.3.2DETECTION
2.4PERSISTENCE
2.4.1ATTACK
2.4.2DETECTION
2.5PRIVILEGE ESCALATION
2.5.1ATTACK
2.5.2DETECTION
2.6DEFENSE EVASION
2.6.1ATTACK
2.6.2DETECTION
2.7CREDENTIAL ACCESS
2.7.1ATTACK
2.7.2DETECTION
2.8DISCOVERY
2.8.1ATTACK
2.8.2DETECTION
2.9LATERAL MOVEMENT
2.9.1ATTACK
2.9.2DETECTION
2.10COLLECTION
2.10.1Relevant Information - Attack
2.10.2DETECTION
2.10.3MITIGATION
2.11COMMAND AND CONTROL
2.11.1RELEVANT INFORMATION
2.11.2ATTACK
2.11.3Detection
2.12EXFILTRATION
2.12.1ATTACK
2.12.2DETECTION
3Network
3.1GENERAL INFORMATION
3.1.1Common Ports
3.2IPV4
3.2.1IPv4 Header
3.2.2IPv4 ICMP Header
3.2.3IPv4 Subnet Class Ranges
3.2.4ICMPv4 Type Codes
3.2.5IPv6
3.2.6TCP Header
3.2.7UDP Header
3.2.8DNS Header
3.2.9ARP Header
3.2.10TTL and Windows Size by OS
3.2.11Common Wireshark Filters
3.3ATTACK
3.3.1ARP Cache Poisoning
3.3.2DNS Spoofing
3.3.3Switch Flood
3.3.4Rogue IPv6 Attack
3.3.5Network Scans
3.3.6Denial of Service
3.4DETECTION
4Container Breakout
4.1KUBERNETES
4.1.1Determine if you are on kubernetes cluster
4.1.2Kubernetes enumeration
4.1.3Kubernetes Pod RBAC Breakout
4.2DOCKER
4.2.1Determine if you are on docker container
5OSINT
5.1recong-ng
5.2theHarvester
6Malware Analysis
6.1STATIC ANALYSIS
6.1.1Executable Packing
6.1.2Hash Check
6.1.3Strings Check
6.1.4Inspect Portable Executable
6.1.5PE Disassembly
6.2DYNAMIC ANALYSIS
6.2.1Setup
6.2.2Common Tools Used
7Attack Frameworks
7.1Metasploit
7.2Meterpreter
7.3PowerShell Empire
7.3.1Host Tools
7.3.2Network Tools
7.3.3Common Zeek/Bro Options
7.3.4NetworkMiner
7.3.5Moloch
7.3.6Suricata
7.3.7Snort
7.3.8Nmap
7.3.9Wireshark
8Wireless
8.1Attack
8.1.1WEP
8.1.2WPA
8.1.3Evil Twin
8.1.4Mac Spoofing
8.2Detection
8.2.1Wireshark detect WiFi DOS
8.2.2Kismet
9Database
9.1MYSQL
9.2POSTGRESQL
9.3MS SQL
10Scripting
10.1POWERSHELL
10.2PYTHON
10.3BASH
10.4ASCII TABLE
11Web
11.1USER AGENTS
