Red Team: RedTeaming VS PenTesting

Рет қаралды 17,198

Жыл бұрын

Lets discuss the basics of PenTesting Vs Red Teaming in this beginner-friendly KZfaq video. Discover how PenTesting helps identify vulnerabilities, while Red Teaming provides a more comprehensive evaluation of an organization's security. Gain insights into these cybersecurity practices and understand their importance in securing digital systems!
For a full list of my Covert Entry tools, check out my github at:
github[.]com/davidprobinsky
Check out my IG at @ RedTeamVIP
Backdrop Image by kjpargeter on Freepik

Пікірлер: 41

@yikesdarnell Жыл бұрын

This is fantastic, as a person who is interested in red team, you gave me a good glimpse and a better picture of what it takes. Keep producing more information about this area. 👏🏽

@DavidProbinsky Жыл бұрын

Absolutely! And thank you for the feedback!! More vids coming soon!

@springbloom5940 Жыл бұрын

One of the things a PMC I worked for did was PHYSEC evaluation. The way Id characterize the difference between pen testing and red teaming (we didn't really call it that) was that pen testing was more academic. The testers would go around and check the individual security measures and give the client a walkthrough report; this is a bad lock, your camera has a blindspot, etc. The red teaming was malicious. We hit live targets and actually tried to 'do damage', like taking stuff, or compromising infrastructure; or simulation thereof. The social engineering aspect is a good metric. On one target, we were to access some materials. The location they were in, had soft physical security that we could defeat in seconds, but not without getting caught by the Human security during the access. We 'social engineered' the security operation, by overtly attacking the physical elements a couple times, like just unlocking the door and leaving it ajar, on a passby. So, they moved the materials to a harder location, but because it was physically harder, they skimped on the Human security. That gave us about 30 min with the objective, which was bout 20 more than we needed. Generally speaking, the teams had no contact with the client and in many cases, part of the exercise was timing the client to find out how long it took to discover the compromise and react.

@DavidProbinsky Жыл бұрын

I totally agree with you, the purpose is to help clients improve their security, as well as measuring their timing and reaction against a threat. As for the terms, I don't have a military background, but Ive heard of a few different names depending the types of engagement and sector in which its discussed, Ive even heard the term "Tiger Teams". In the Infosec & IT field I'm noticing more and more the use of the term "Red Team" for offensive security engagements, and all is performed from behind a computer. My goal with the video was to keep it simple for those coming new to IT for the first time, and bring a bit of awareness to the table about Social Engineering as well as Physical Security. Also, thank you for sharing your experience!!

@hertechprep 3 ай бұрын

Omg! This has to be the best video on explaining Red Team and the difference between the other two roles. I initially thought Red team was Pentest. After you explained Red Team all I could think about was Mr. Robot! Excellent video! No fluff just straight to the point!! Thank you!

@DavidProbinsky 2 ай бұрын

Thank you for the feedback! ❤️

@nerdybutnice2267 2 ай бұрын

Very helpful and thorough explanation, thank you!

@user-by6zz7wq9n 8 ай бұрын

Thank you! A perfect, short and clear explanation of the difference between PenTesting, Ethical Hacking and RedTeaming

@DavidProbinsky 8 ай бұрын

Thanks for the feedback! 🙌

@quintontillmon1620 2 ай бұрын

Thank you for sharing. You've earned another subscriber for sure.

@cloey_b 8 ай бұрын

Hi David! thank you for this video. Very good information :)

@DavidProbinsky 8 ай бұрын

Thank you for the feedback! Glad you enjoyed it!

@user-cl3jb8kk5g 5 ай бұрын

really appreciate, now I don`t have to waste my time anymore on pen testing, I just wanna sit behind my laptop

@blablawtf 4 ай бұрын

Made it very easy to understand, subscribed!

@DavidProbinsky 2 ай бұрын

Awesome, thank you!

@altcoinwizz 3 ай бұрын

Great video David thanks!

@DavidProbinsky 2 ай бұрын

Glad you liked it!

@Singsing-js9fl 6 ай бұрын

best explanation every, can u make a vid about the roadmap of each and what certifications to get. thanks, hope you will do.

@HossamOcta 11 ай бұрын

Bro you’re awesome and simple ❤❤

@DavidProbinsky 10 ай бұрын

I appreciate that!

@AnshBathla-tz8kl 7 ай бұрын

Great video.

@thatocyberspace 8 ай бұрын

Well explained.

@forresttindall 10 ай бұрын

great video! you have earned the sub!

@DavidProbinsky 10 ай бұрын

Thanks for the sub! 🙏

@losxlakers 4 ай бұрын

How do you get a job? I know someone who got their OSCP and still couldn’t get a job.

@yuck871 3 ай бұрын

Maybe actually study IT or cybersecurity at a university before applying for a job

@carlosbautistazenpay6373 6 ай бұрын

Great explanation! 👌👌

@DavidProbinsky 6 ай бұрын

Glad it helped!

@KaliLinux-vn3ws 5 ай бұрын

Is wifi pineapple or adaptor, hacking devices flipper zero , hackrf are used in penetration testing ?

@DavidProbinsky 2 ай бұрын

The Wifi Pineapple is used often, yes. The Flipper, sometimes, not as often. The hackrf, I personally have never used it in an engagement. Now USB implants, such as the rubber ducky or the Key Croc keylogger, I use very often.

@jourdanallred7121 10 ай бұрын

A cantanna? Any useful links to read more on this and build one

@DavidProbinsky 10 ай бұрын

Yeah, they are called Cantenna (Can + Antenna). This post is a bit old, but it should provide you with more info: jacobsalmela.com/2013/09/07/wi-fi-cantenna-2-4ghz-how-to-make-a-long-range-wi-fi-antenna/