Red Cell Overview

Info

Red Cell | Everything Offensive, Pentesting, & Red Teaming


01. Active Directory (AD)

  • Active Directory (AD) is a Microsoft directory service that centralizes network management, enabling the organization to securely manage and authenticate users, computers, and resources in a Windows environment.

02. IEEE 802.11 (Wireless LAN)

  • IEEE 802.11, commonly known as Wi-Fi, is a set of standards for wireless local area networks (LANs) that facilitate wireless communication between devices, enabling wireless internet access and local network connections.

03. Enumeration

  • Enumeration is the process of gathering information about a target, such as network services, user accounts, or system configurations, to identify potential vulnerabilities for exploitation.

04. Privilege Escalation

  • Privilege escalation is the act of gaining higher levels of access or permissions on a computer system or network in order to perform actions that would normally be restricted.

05. Tunneling & Lateral Movement

  • Tunneling (specifically proxying) is a technique that facilitates secure data transfer through encrypted channels, often used for lateral movement within a compromised network. It allows attackers to navigate by moving through an intermediate target to gain access to further network resources while evading detection.

06. File Transfers

  • File transferring is the process of moving files or data between different systems, either within the same network or across networks, for exfiltrating sensitive information or delivering malware.

07. Payloads

  • Payloads are the specific code in an attack (generally initial access) aimed at performing specific actions on a targeted system, such as delivering malware, executing exploits, or enabling unauthorized access.

08. Defense Evasion

  • Defense evasion encompasses a range of techniques to circumvent or disable security measures, such as intrusion detection systems or antivirus software, allowing unhindered/undetected action on a target.

09. Credential Dumping

  • Credential dumping involves extracting and collecting user login credentials or password hashes from a compromised system, allowing unauthorized access to additional network resources.

10. Persistence

  • Persistence is the technique of maintaining unauthorized access to a compromised system or network over an extended period, ensuring continued control and the ability to carry out activities even after initial access has been achieved.

11. Web Exploitation

  • Web exploitation involves the identification and exploitation of vulnerabilities within web applications or services to gain unauthorized access, steal data, or deliver malicious payloads.

12. SQL

  • SQL, or Structured Query Language, is a domain-specific programming language used for managing and manipulating relational databases, allowing for tasks like data retrieval, modification, and administration.

13. Industrial Control Systems (ICS)

  • ICS, or Industrial Control Systems, encompasses various types of control systems used in industrial and critical infrastructure settings. These systems are designed to control and monitor physical processes, machinery, and devices.

14. Cheatsheets

  • This section covers the TL;DR (Too Long; Didn't Read) notes of different toolsets. Instead of reading large and verbose wikis, this will give you a simple introduction.

15. Technique Ted Talks (TTTs)

  • Technique Ted Talks (TTTs) is a miscellaneous section containing notes that give an overview of, or introduction to, topics that may be implied (or not explicitly covered in depth) in other notes.