Red Team: RedTeaming VS PenTesting
Ғылым және технология
Lets discuss the basics of PenTesting Vs Red Teaming in this beginner-friendly KZread video. Discover how PenTesting helps identify vulnerabilities, while Red Teaming provides a more comprehensive evaluation of an organization's security. Gain insights into these cybersecurity practices and understand their importance in securing digital systems!
For a full list of my Covert Entry tools, check out my github at:
github[.]com/davidprobinsky
Check out my IG at @ RedTeamVIP
Backdrop Image by kjpargeter on Freepik
Пікірлер: 41
This is fantastic, as a person who is interested in red team, you gave me a good glimpse and a better picture of what it takes. Keep producing more information about this area. 👏🏽
@DavidProbinsky
Жыл бұрын
Absolutely! And thank you for the feedback!! More vids coming soon!
Omg! This has to be the best video on explaining Red Team and the difference between the other two roles. I initially thought Red team was Pentest. After you explained Red Team all I could think about was Mr. Robot! Excellent video! No fluff just straight to the point!! Thank you!
@DavidProbinsky
Ай бұрын
Thank you for the feedback! ❤️
One of the things a PMC I worked for did was PHYSEC evaluation. The way Id characterize the difference between pen testing and red teaming (we didn't really call it that) was that pen testing was more academic. The testers would go around and check the individual security measures and give the client a walkthrough report; this is a bad lock, your camera has a blindspot, etc. The red teaming was malicious. We hit live targets and actually tried to 'do damage', like taking stuff, or compromising infrastructure; or simulation thereof. The social engineering aspect is a good metric. On one target, we were to access some materials. The location they were in, had soft physical security that we could defeat in seconds, but not without getting caught by the Human security during the access. We 'social engineered' the security operation, by overtly attacking the physical elements a couple times, like just unlocking the door and leaving it ajar, on a passby. So, they moved the materials to a harder location, but because it was physically harder, they skimped on the Human security. That gave us about 30 min with the objective, which was bout 20 more than we needed. Generally speaking, the teams had no contact with the client and in many cases, part of the exercise was timing the client to find out how long it took to discover the compromise and react.
@DavidProbinsky
Жыл бұрын
I totally agree with you, the purpose is to help clients improve their security, as well as measuring their timing and reaction against a threat. As for the terms, I don't have a military background, but Ive heard of a few different names depending the types of engagement and sector in which its discussed, Ive even heard the term "Tiger Teams". In the Infosec & IT field I'm noticing more and more the use of the term "Red Team" for offensive security engagements, and all is performed from behind a computer. My goal with the video was to keep it simple for those coming new to IT for the first time, and bring a bit of awareness to the table about Social Engineering as well as Physical Security. Also, thank you for sharing your experience!!
Very helpful and thorough explanation, thank you!
Thank you! A perfect, short and clear explanation of the difference between PenTesting, Ethical Hacking and RedTeaming
@DavidProbinsky
7 ай бұрын
Thanks for the feedback! 🙌
really appreciate, now I don`t have to waste my time anymore on pen testing, I just wanna sit behind my laptop
Thank you for sharing. You've earned another subscriber for sure.
Hi David! thank you for this video. Very good information :)
@DavidProbinsky
7 ай бұрын
Thank you for the feedback! Glad you enjoyed it!
best explanation every, can u make a vid about the roadmap of each and what certifications to get. thanks, hope you will do.
Made it very easy to understand, subscribed!
@DavidProbinsky
Ай бұрын
Awesome, thank you!
Great video David thanks!
@DavidProbinsky
Ай бұрын
Glad you liked it!
Great video.
Bro you’re awesome and simple ❤❤
@DavidProbinsky
9 ай бұрын
I appreciate that!
Well explained.
great video! you have earned the sub!
@DavidProbinsky
9 ай бұрын
Thanks for the sub! 🙏
Great explanation! 👌👌
@DavidProbinsky
5 ай бұрын
Glad it helped!
Thanks 👍❤
@DavidProbinsky
5 ай бұрын
Always welcome
How do you get a job? I know someone who got their OSCP and still couldn’t get a job.
@yuck871
2 ай бұрын
Maybe actually study IT or cybersecurity at a university before applying for a job
Great
A cantanna? Any useful links to read more on this and build one
@DavidProbinsky
9 ай бұрын
Yeah, they are called Cantenna (Can + Antenna). This post is a bit old, but it should provide you with more info: jacobsalmela.com/2013/09/07/wi-fi-cantenna-2-4ghz-how-to-make-a-long-range-wi-fi-antenna/
Camrahnbay subscribed.
Is wifi pineapple or adaptor, hacking devices flipper zero , hackrf are used in penetration testing ?
@DavidProbinsky
Ай бұрын
The Wifi Pineapple is used often, yes. The Flipper, sometimes, not as often. The hackrf, I personally have never used it in an engagement. Now USB implants, such as the rubber ducky or the Key Croc keylogger, I use very often.
Well thanks you sir ,I follow you 🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉
Red teamer is a apy
🫶🫶🫶🫶🫶
This is great David! I didn’t know you had this channel 🫡
@DavidProbinsky
5 ай бұрын
Thanks for the feedback! Yeah, been quietly making videos this past year, and trying to shift gears and make more content.