🦑𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐑𝐄𝐃 𝐓𝐄𝐀𝐌

Pentesting is primarily concerned with identifying and exploiting vulnerabilities within a specific target system, striving to uncover as many weaknesses as possible.
This process aids in shoring up an organization's defenses by pinpointing areas of vulnerability.

On the other hand, a red team engagement shifts its focus. Instead of merely finding vulnerabilities, it aims to assess an organization's defensive capabilities by simulating real-world attacks.
The goal is to evaluate how well the organization can detect and respond to these simulated threat actors.

You will find below a list of resources for Red Teaming.

👉𝗪𝗛𝗔𝗧 𝗜𝗦 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠?
🌟Red Team definition, redteam guide by Joe Vest & James Tubberville
https://lnkd.in/eUaZcWvg

🌟Red Teaming Handbook, UK Ministry of Defense
https://lnkd.in/euUkwQRq

👉𝗪𝗛𝗔𝗧 𝗔𝗥𝗘 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠 𝗘𝗫𝗘𝗥𝗖𝗜𝗦𝗘𝗦?
🌟NIST’s Definition of Red Team Exercise
https://lnkd.in/eZVzn5AW

🌟Red Team Plan by Magoo
https://lnkd.in/eFUBzxEY

👉𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦 𝗔𝗡𝗗 𝗠𝗘𝗧𝗛𝗢𝗗𝗢𝗟𝗢𝗚𝗜𝗘𝗦
🌟MITRE ATT&CK Matrix for Enterprise
https://attack.mitre.org/

🌟Red Team Guides by Joe Vest & James Tubberville
https://lnkd.in/eXPxchUk

🌟Red Team Operations Part 1 and 2 Joas A Santos
https://lnkd.in/e7m3XzE7
https://lnkd.in/es7uSQA4

🌟Red Team Notes 2.0 by dmcxblue
https://lnkd.in/ekGaQASx

👉𝗖𝗢𝗨𝗥𝗦𝗘𝗦 𝗔𝗡𝗗 𝗛𝗔𝗡𝗗𝗦 𝗢𝗡
🌟Hackersploit Red Team Series (video and guide)
https://lnkd.in/ek5naA4Q
https://lnkd.in/e4U2tW2z

🌟Responsible Red Teaming by The Taggart Institute
https://lnkd.in/eur4_nFn

🌟Red Teaming rooms on TryHackMe
https://lnkd.in/e8G9eMS5
https://lnkd.in/eYa9mHmk
https://lnkd.in/eQcnuu-m

🌟Board games by Hadess | حادث
https://lnkd.in/ee2EEyEh

👉𝗧𝗢𝗢𝗟𝗦
🌟Red Teaming Toolkit by infosecn1nja
https://lnkd.in/e8VnsYVH

🌟Red Team tools by A-poc
https://lnkd.in/evPBDZRm

🌟Red Teaming Toolkit Collection by 0xsp
https://lnkd.in/eP7jNUE4

🌟Red Team Ops Cobalt
https://lnkd.in/euMjeFEx

👉𝗕𝗢𝗡𝗨𝗦
🌟Red Team Resources by J0hnBx
https://lnkd.in/eeYCQ-Db

🌟Red Team Village talks
https://lnkd.in/eHwKj5gB

🌟A Beginner's Guide to Obfuscation by BC Security
https://lnkd.in/e92JuwPR

Full credit: Gabrielle B.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

📱 A Royal Encounter with #AI: King Charles III Amazed by #Apple's Image Wand

https://undercodenews.com/a-royal-encounter-with-ai-king-charles-iii-amazed-by-apples-image-wand/

@Undercode_News

📱 #Apple's #AI-Powered Notifications Under Fire for False Reports

https://undercodenews.com/apples-ai-powered-notifications-under-fire-for-false-reports/

@Undercode_News

🛒 The Myth of #AI Emotion Recognition: Science or Sales Pitch?

https://undercodenews.com/the-myth-of-ai-emotion-recognition-science-or-sales-pitch/

@Undercode_News

Sharp & Carter CEO Sparks Controversy with Blunt Christmas Speech

https://undercodenews.com/sharp-carter-ceo-sparks-controversy-with-blunt-christmas-speech/

@Undercode_News

🦑 Cybersecurity 101 in one picture
1. Introduction to Cybersecurity
2. The CIA Triad
3. Common Cybersecurity Threats
4. Basic Defense Mechanisms
5. Cybersecurity Frameworks
6. Cybersecurity Ecosystem

Thriving Through Challenges: The Nigerian Startup Landscape

https://undercodenews.com/thriving-through-challenges-the-nigerian-startup-landscape/

@Undercode_News

🌐 Bridging the Gap: MTN Joins the Race for Satellite Internet in Africa

https://undercodenews.com/bridging-the-gap-mtn-joins-the-race-for-satellite-internet-in-africa/

@Undercode_News

🖥️ Unmasking the Puppet Master: ProxyAM and the Socks5Systemz Botnet

https://undercodenews.com/unmasking-the-puppet-master-proxyam-and-the-socks5systemz-botnet/

@Undercode_News

🧠 Artificial Intelligence: A Double-Edged Sword

https://undercodenews.com/artificial-intelligence-a-double-edged-sword/

@Undercode_News

🦑ARP and DNS Spoofing:


> Network Penetration Testing: Assess the security of networks by identifying weaknesses in ARP protocols and DNS resolutions. 🔍🛡

>Security Auditing: Log and analyze network traffic to discover potential vulnerabilities and improve network defenses. 📊🔒

> Educational Purposes: Learn and teach network security concepts through practical, hands-on experience with ARP and DNS spoofing techniques. 🎓📚

>Traffic Analysis: Monitor and capture traffic for forensic investigations or to understand user behavior on a network. 🔍📈


Installation 🛠
To install and run BlackVenom, follow these simple steps:

1️⃣ Create a Python Virtual Environment 🐍
First, create a virtual environment to manage dependencies:

python -m venv BlackVenom-Kali

2️⃣ Activate the Virtual Environment 🔑
Activate the virtual environment:

source BlackVenom-Kali/bin/activate

3️⃣ Install Dependencies 📦
Now, install the necessary dependencies from the requirements.txt file:

pip install -r requirements.txt

> Run the Tool ⚡️ After installation, you can run BlackVenom using the provided CLI:
python black_venom_cli.py
Usage Examples
Example 1: Basic ARP Spoofing
This command performs a basic ARP spoofing attack between a target and a gateway without enabling packet logging or DNS spoofing. 🔗

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0

Example 2: ARP Spoofing with Traffic Logging
In this example, packet logging is enabled while performing ARP spoofing. 📝

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0 \
    --enable_logging \
    --log_file ~/Desktop/captured_packets.pcap
Example 3: ARP Spoofing and DNS Spoofing
This command enables both ARP spoofing and DNS spoofing, redirecting DNS requests for a specific domain. 🌐🔀

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0 \
    --enable_logging \
    --log_file ~/Desktop/captured_packets.pcap

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔐 Hackers Leak Private Photos of WWE Star Paige

https://undercodenews.com/hackers-leak-private-photos-of-wwe-star-paige/

@Undercode_News

🔍 Pakistan's #Digital Pulse: Top #Google Searches of 2024

https://undercodenews.com/pakistans-digital-pulse-top-google-searches-of-2024/

@Undercode_News

🦑Spoofing Utilities:

DNS-Spoof by Mustafa Dalga:
https://github.com/mustafadalga/dns-spoof

MITM Attack Practice:
https://github.com/bilalz5-github/MITM-Attack_practice

ARP Spoof Detection Tool (Dr. Spoof):
https://github.com/Enixes/Dr.Spoof

AdBleed (DNS Redirection Tool):
https://github.com/arevaclier/AdBleed

DNS Packet Injection:
https://github.com/shreyasbhatia09/DNS-Packet-Injection

PyDNS (Python DNS Server):
https://github.com/Douile/pydns

Rock-DDOS (Includes ARP Spoofing):
https://github.com/MasonDye/Rock-DDOS

NetSpionage:
https://github.com/ANG13T/netspionage

Dead Drop (Network Steganography with Spoofing):
https://github.com/kerosene5/Dead_Drop

ATA-Shell (ARP Modular Shell):
https://github.com/shelbenheimer/ata-shell

Phishing with DNS Spoofing Demo:
https://github.com/chi-0828/Phishing-with-DNS-spoofing

RITM (Roast in the Middle for MITM):
https://github.com/Tw1sm/RITM

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Blackview Hero 10: A Flawed Foldable Attempt

https://undercodenews.com/blackview-hero-10-a-flawed-foldable-attempt/

@Undercode_News

Don't Fall for the Hype! NITDA Warns of Deceptive Festive Season Scams

https://undercodenews.com/dont-fall-for-the-hype-nitda-warns-of-deceptive-festive-season-scams/

@Undercode_News

Israel's #AI Talent Boost: A Strategic Move

https://undercodenews.com/israels-ai-talent-boost-a-strategic-move/

@Undercode_News