Day 305 of learning cyber security. Before proceeding, this blog post contains information on how to complete the room RED TEAM FUNDAMENTALS. Spoilers ahead.
Task 1: Introduction
No answer needed
Task 2: Vulnerability Assessment and Penetration Tests Limitation
Would vulnerability assessments prepare us to detect a real attacker on our networks? (Yay/Nay)
ANSWER: Nay
During a penetration test, are you concerned about being detected by the client? (Yay/Nay)
ANSWER: Nay
Highly organized groups of skilled attackers are nowadays referred to as …
ANSWER: Advanced Persistent Threats
Task 3: Red Team Engagements
The goals of a red team engagement will often be referred to as flags or…
ANSWER: crown jewels
During a red team engagement, common methods used by attackers are emulated against the target. Such methods are usually called TTPs. What does TTP stand for?
ANSWER: Tactics, techniques and procedures
The main objective of a red team engagement is to detect as many vulnerabilities in as many hosts as possible (Yay/Nay)
ANSWER: Nay
Task 4: Teams and Functions of an Engagement
What cell is responsible for the offensive operations of an engagement?
ANSWER: Red Cell
What cell is the trusted agent considered part of?
ANSWER: White Cell
Task 5: Engagement Structure
If an adversary deployed Mimikatz on a target machine, where would they be placed in the Lockheed Martin cyber kill chain?
ANSWER: Installation
What technique’s purpose is to exploit the target’s system to execute code?
ANSWER: Exploitation
Task 6: Overview of a Red Team Engagement
Click the “View Site” button and follow the example engagement to get the flag
ANSWER: THM{RED_TEAM_ROCKS}
Task 7: Conclusion
Read the above and continue learning!
NO ANSWER NEEDED
“It is important to know the attack techniques cause if you don’t know how attack tools work, and you don’t know what attackers are doing, you won’t be able to curate a strategy on how to respond to these attacks”–
Jessica Payne from Microsoft Security Incident Response Professional
In the age of computing and technology, something that an ordinary person should know is that no computer device is totally secure and every computer has security vulnerabilities.
These can range from organizational computer networks and servers that can be local or remote, wired and wireless up to ordinary users of different technologies such as ATM machines, CCTV cameras and our daily devices such as tablets, personal desktop computers, phones, and even printers.
Cyber Security is now a big concern for everyone, especially because we are in the information technology era. Based on the definition from Merriam-webster.com, “CYBER” is a word that involves computer networks or computers that can be connected to the internet. The root word “SECURITY” means the state of being secure.
If we combine both words, we can then define CYBER SECURITY as the ability to protect oneself and others from unauthorized attacks related to computers in general. These can be attacks on computer networks, attacks on computer systems, and attacks on computer users.
We understand that vulnerabilities in computers are unlikely to be totally eliminated. We want to study CYBER SECURITY because the more knowledgeable you are about the threats and about how to secure yourself, the less likely you are to become a potential target for cyber criminals, who usually target less secure machines, less secure systems, and less secure people who are likely not aware of Cyber Security.
We have to keep in mind that cyber criminals are considered to be con artists. These are people who use technology to target not just computers but you as a person, and they usually look for EXPLOITS in user behaviors. Usually these con artists will target the person behind the devices and computers; they are directly ATTACKING YOU as a person. The more knowledgeable you are, the more secure you can become.
The term CYBER SECURITY can be used interchangeably with the term Information Security, also known as InfoSec, which deals with physical and digital data protection. Most attacks geared towards organizations and individuals are exploits based on data or information that has been gathered about the victims.
Cyber criminals use the opportunity to exploit an individual or organization that is unfamiliar with cyber crime. For this same reason, the study of CYBER SECURITY can help us find a deeper understanding of the different methodologies used by cyber criminals who would target you as a user of computer devices.
All of this being said, we want to better understand how computers work, how the internet works, how cyber criminals think, and what types of exploits they use to execute an attack, so that we can better defend against these types of attacks. Understanding the level of threat allows us to better prepare and protect ourselves from the atrocious elements that are present in the cyber world.
As a final remark, we also want to become more familiar with the different security tools that we can use to protect ourselves, and we want to adopt better habits in using different computer devices so that we can secure and protect ourselves against cyber criminals.
If you are a tech enthusiast or someone who is aiming to get a job in the tech industry, I am sure that at some point in your journey you will need to use the command line interface (CLI) for some of the tasks that you need to accomplish.
If you are a web developer, you will at some point need the command line for development operations, where you will use the terminal to get the most out of a version control system such as git.
If you are also interested in getting into the cyber security industry, using the terminal and familiarizing yourself with the different commands that you can execute to navigate and run applications is a skill that you will need to learn in the long run.
In this article we will learn some of the basic commands that you can use in the terminal of the operating system Kali Linux, which is one of the popular operating systems used by cyber security enthusiasts and professionals.
Whether you are planning to get into cyber security as a penetration tester, who is usually part of the red team and is involved in offensive security tasks, or as a security analyst, who is part of the blue team and is more focused on defensive security tasks, Kali Linux is an operating system you will hear about. It is the operating system that we will use for the series of commands that we will learn in this article.
Something that I just want to emphasize before we start is that you might get intimidated by the command line interface (CLI), because most of us are used to a graphical user interface (GUI) for navigating and executing commands on our computer. My advice is that you should not worry: the more you practice and use the terminal, the better and more comfortable you will get at using it for your daily tasks.
To get started with the command line, the very fundamental concept that you need to understand is that we are always inside of a folder. We use certain commands to move around the folder structure so that we can create, move, copy, and delete directories.
Now let us go learn some of the commands that you can use to go and navigate around your system using the command line or terminal.
ls command
The ls command is the command that we use to list the contents of the current directory.
This is one of the most common commands that you will use when viewing the contents of your current directory or folder.
If you have used the command line in Windows, this is the same as the dir command in the command prompt of a Windows machine or operating system.
Note: In Kali Linux you can also use the dir command to list a directory, similar to the command in Windows, but you cannot use the ls command in the command line of a Windows operating system.
dir command
The dir command will also list directory contents.
Something that you will notice when using the dir command in Kali Linux is that it does not color the files in the current directory by category. The ls command, by contrast, lists the directory contents while categorizing the folders, files, and executable files using different colors.
man command (Manual Pages) and flags (options)
man is an interface to the system reference manuals.
If you type the man command on its own in the terminal, you will see that it prompts you with a question about which manual page you want.
The man command gives you a list of options also known as flags for a specific command.
Once you type in the terminal the command >man man, you would see that the terminal will display the manual page for the man command.
Flags or options for commands
Flags are options that we have when executing a specific command. The format for using a flag is as follows: <command> <flag or option> <input>.
The flags or options that we have for a specific command can be learned using the man command.
Note: Another term that you might encounter for flags is arguments, in case you hear some people using the term arguments for a specific command.
If we want to see some of the flags for the ls command, we type the man command followed by the command whose manual pages we want to see. Here is an example format for seeing the manual pages of the ls command.
>man ls
You will see that the >man ls command displays the manual page of the ls command and the flags or options that we can apply when using the ls command.
Now let us list a directory and display files that have a “.” character in front of them. If you remember, when we checked the manual pages of the ls command it had the -a option or flag.
>ls -a
The ls command with the -a flag will display files that include the period “.” character in front of them.
Now let us go and list directory while using the -l combined with the -a option and we can do this by typing the following command in our terminal.
>ls -la
The -la flags combine the long listing option with displaying files that have the “.” character in front of them.
Note: The -l flag is used to display the long listing of files.
When we use the ls command on its own, it only shows us the names of the files and the directories. If we want further details, we can use the flag -l (the small letter L) to get more details about the files and directories in the current folder.
When we use the long listing format, we can see other information such as the following:
File type
File permissions
The number of hard links to the file
File owner
File group
File size
Date and Time
File name
Let us try to identify what each of the characters signifies in our displayed output.
The first character will show us the file type inside of our current directory.
The following are the different file types or values for the first character in our long listing format.
The dash character (-) indicates a regular file and the letter (d) indicates a directory.
Some of the other characters that you might encounter are the following.
The small letter L (l) indicates that this is a symbolic link.
The letter (c) indicates that this is a character special file.
The letter (b) indicates it is a block special file.
The letter (n) indicates that the file is a network file.
The letter (p) indicates that it is FIFO.
The letter (s) indicates that it is a socket.
The next nine characters indicate the file permissions.
The first three characters are for the user, the next three are for the group and the last three are for other users. The permission characters take the following values.
The letter r indicates that they have permission to read the file.
The letter w indicates that they have permission to write to the file.
The letter x indicates that they have permission to execute the file.
The letter s indicates the setgid bit.
The letter t indicates the sticky bit.
The root root fields indicate the owner and the group, followed by the size of the file, which is shown in bytes. If we want to print the sizes in a human-readable format we can use the -h flag.
The next column indicates the date and time for the last modification of the file.
The last column indicates the name of the file.
NOTE: We can change the file permissions using the chmod command, and use the chown command to change the file owner and group.
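Added example (not part of the original article): a short shell script that decodes the mode field described above and reports entries that are worth reviewing when hardening a system. It goes slightly beyond the text by separating an s in the user slot (setuid) from an s in the group slot (setgid). The function names and the sample listing are constructed for illustration, and the default ls -l date layout (month, day, time) is assumed.

```shell
# file_type MODE: name the file type given by the first character
file_type() {
    case "$1" in
        -*) echo "regular file" ;;
        d*) echo "directory" ;;
        l*) echo "symbolic link" ;;
        c*) echo "character special file" ;;
        b*) echo "block special file" ;;
        p*) echo "FIFO" ;;
        s*) echo "socket" ;;
        *)  echo "unknown" ;;
    esac
}

# special_bits MODE: findings read from the nine permission characters
special_bits() {
    out=""
    # s or S in the user execute slot (4th char) is setuid; in the group slot (7th) setgid
    case "$1" in ???[sS]*) out="$out setuid" ;; esac
    case "$1" in ??????[sS]*) out="$out setgid" ;; esac
    # t or T in the others execute slot (10th character) is the sticky bit
    case "$1" in ?????????[tT]*) out="$out sticky" ;; esac
    # w in the others write slot (9th char); symlinks always show rwxrwxrwx, so skip them
    case "$1" in l*) ;; ????????w*) out="$out world-writable" ;; esac
    echo "${out# }"
}

# audit_listing: read `ls -l` lines on stdin, print entries with findings
audit_listing() {
    while read -r mode links owner group size month day time name; do
        if [ -z "$name" ]; then continue; fi   # skips the "total N" line
        bits=$(special_bits "$mode")
        if [ -n "$bits" ]; then echo "$name: $(file_type "$mode"), $bits"; fi
    done
}

# Constructed sample listing, not captured from a real system
sample_listing() {
    cat <<'EOF'
total 20
drwxr-xr-x 2 root root  4096 Jan  5 10:12 .
drwxrwxrwt 9 root root  4096 Jan  5 10:12 shared
-rwsr-xr-x 1 root root 59976 Jan  5 10:12 helper
-rw-rw-rw- 1 root root    12 Jan  5 10:12 notes.txt
EOF
}

sample_listing | audit_listing
```

To check a real directory, pipe its listing in instead of the sample, for example ls -la | audit_listing.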
cd command
The cd command allows us to change the current directory, that is, the shell's working directory.
The syntax for using the cd command is as follows:
cd [FLAGS or OPTIONS] <name of directory> that we want to go to.
Note that the cd command does not have any manual pages. Instead of using the man command we can use the --help option for learning more about the cd command.
--help option
If we want to change the current directory, for example from the current directory to the Documents/ directory, we just need to type the following.
>cd Documents/
One key tip so that you will not get lost is to type the first three characters of the directory that you want to go to and then press the tab key for autocompletion. The terminal will try to autocomplete the name of the directory that you want to go to.
If we want to move one level up in the folder structure and go back to our previous directory, we can type the cd command followed by the double period (..) characters. This will move you one level up in the folder structure.
pwd command
This will print the working directory.
The pwd command is useful for identifying the directory in which we are currently located in the folder structure.
clear command
This will clear the terminal screen.
echo command
This will display a line of text in our terminal screen.
The echo command is useful in displaying text that we have inputted in our terminal and have it displayed on our screen. We can also directly redirect and create files that contain content (such as links to websites etc.) using the redirection character (>).
echo with the -n flag
The -n flag or option will allow us to not create a new line when the standard output (stdout) is displayed in our screen.
touch command
The touch command allows us to create new files within the directory.
nano command
The nano command opens a Linux text editor. This is a Linux-based text editor which will be a very useful tool for editing and creating new files in Linux.
cat command
The cat command is a way for us to concatenate content and to display content on our terminal screen.
cp command
This command will help you copy a file.
mv command
The mv command allows you to move or rename a file.