Adversaries are rapidly adapting the convoluted offensive techniques that are focused to circumvent the defence mechanism in order to accomplish their motive on the attack surface. Whereas most of the organization are not pretty much aware of the techniques used by the threat actor to accomplish their motive which leaves the defensive mechanism of the organization in a very fragile position. The fragility of the defence makes it easier for the threat actors to break or bypass the security boundaries of the organization which leads to harsh consequences.
To avoid these consequences, the organization adopts the concept of depicting the art of the threat actors on the attack surface to know the security loopholes before the attacker exploit it to accomplish its motive. This particular exercise of depicting the nature of threat actor on the attack surface is known as Red Teaming
1. Fair Knowledge of Networking and Web Technology
Manish Gupta is Director of CyberWarFare Labs in India with expertise in Offensive Information Security. Where he specializes in Offensive Security and Red Teaming Activities on enterprise Environment. A part-time Bug Bounty Hunter and CTF Player.
His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has spoken at reputed conferences like Blackhat USA 19, DEFCON 19, Nullcon 20, BSIDES CT 20 where he showcased his red teaming toolkit "PivotSuite" and delivered training in Nullcon 21. He is currently working on developing Open-Source Offensive Security Toolkit which helps Red Teamers / Penetration Testers.
Yash Bharadwaj, CTO and Technical Architect at CyberWarFare Labs [Incubated by IIT Kanpur]. With his expertise of 4+ years in Red Teaming, he is highly attentive towards finding, learning and discovering new TTP’s used during offensive engagements. His area of interest includes (but not limited to) evading AVs, EDRs, Active Directory infrastructure and Advance Windows & cloud-based attacks. He has done various on-site / remote Red Team engagements in MNCs, government agencies etc. Previously he has delivered hands-on red team trainings at BSIDES Ahmedabad, OWASP Seasides 19, Red & Blue Team Training at BSIDES Delhi and BSIDES Connecticut (USA), OWASP APPSEC Indonesia 20, CISO Platform 21 and training at Nullcon 21.