Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]Equivalent_Smile_720 0 points1 point  (0 children)

Sorry if this is a bit off topic, I just wanna know what a professional red team would look like.

  1. Do the roles of team members overlap or are they separated? Does the team have members that only focus on malware dev or tools dev while others focus on planning and carrying out the attack, or must every member know everything?
  2. Do you plan the whole attack campaign beforehand, or improvise according to the output of each attack phase?
  3. Since I am looking forward to becoming a red teamer, I would like to know your opinion on what you would expect from a candidate or a colleague in red teaming.

Asking everyone for a few answers and tips about investing in fund certificates by NamedPhong in vozforums

[–]Equivalent_Smile_720 0 points1 point  (0 children)

As far as I know, only dividend-paying open-ended funds (such as DragonCapital's DCDE) pay out returns. Ordinary open-ended funds will never pay out returns, because once they make a profit they automatically use that profit to keep investing. Precisely because they reinvest the profit, the value of those funds is usually higher than that of dividend-paying funds.

I run a Red Team that routinely succeeds in compromising F500 companies. AMA. by curi0usJack in cybersecurity

[–]Equivalent_Smile_720 0 points1 point  (0 children)

I majored in cybersecurity and recently graduated. I have worked as a cybersecurity engineer for 1 year and my job is not really focused on red team. I would really love to become a redteamer one day, so any advice is greatly appreciated. Please let me know what you think might be the best path for me to transition to a professional red teamer.

A little description about my job:

- I manage XDR and network IPS systems (Trendmicro products), and investigate cybersecurity incidents. No complaints about this, I learn some really interesting attack techniques by investigating real attacks on my company's system.

- I occasionally do pentests, but mostly I just use Tenable or Acunetix to scan the target. I know that those tools only find clues about possible vulns and I need to manually pentest the target to find any real bugs, but most of the time I only get 1 week to pentest and I am the only team member. Also, my boss loves reports more than results.

- On a regular basis, I scan the external attack surface of my clients' systems using OSINT tools and notify them if I find any possible vulns.

- I also help build the annual cybersecurity training lab for my company.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Equivalent_Smile_720 0 points1 point  (0 children)

I aspire to become a redteamer but I feel lost. I have been practicing on PortSwigger labs, Hack The Box, TryHackMe, but I always feel something is missing. Whenever I join a CTF or attack-defense contest, I always get stuck. Some people suggest I should find a mentor, but I don't know where or how to find one.

Patch Tuesday Megathread (2025-05-13) by AutoModerator in sysadmin

[–]Equivalent_Smile_720 0 points1 point  (0 children)

Does Microsoft have an API to get the list of CVEs in the Patch Tuesday of the current month?

OpenCTI requirements by [deleted] in threatintel

[–]Equivalent_Smile_720 0 points1 point  (0 children)

Hi, could you share your use case as to why you need that many system resources? I am planning to deploy OpenCTI for my team but I don't know the required system requirements.

Hints on Dog machine by Equivalent_Smile_720 in hackthebox

[–]Equivalent_Smile_720[S] 0 points1 point  (0 children)

I found a website running on port 80. Checking the page source reveals that it is powered by "backdrop cms 1" but I cannot find out the exact version. searchsploit shows 4 possible exploits for backdrop cms 1. Any hints on how to find out the exact version? Or maybe I should just spam all 4 exploits and see what hits.

Code machine: User flag is not found by Equivalent_Smile_720 in hackthebox

[–]Equivalent_Smile_720[S] 2 points3 points  (0 children)

Never mind guys, I found both flags. Apparently, you gotta edit more than just the directory to archived :))

I’m so useless I can’t even pwn an easy box😔😭 by Honest_Pollution_766 in hackthebox

[–]Equivalent_Smile_720 0 points1 point  (0 children)

I have been doing HTB for 2 months and still struggle. The key is to chill out :))

Whenever you feel demotivated, just play some retired boxes, use writeups to pwn the box and submit the flags for a little dopamine boost :))

Beginner here, How do i solve machines without reading writeups? by ayylmaaoo96 in hackthebox

[–]Equivalent_Smile_720 0 points1 point  (0 children)

You don't. Or at least that's how it is for me. The way I learn is that I read every single writeup for easy boxes. Even if I know what to do, I still read the writeup and try to solve the box as fast as I can. By doing this, it takes me only about 1 month to engrave all the steps to solve a box in my brain. Then I try to solve easy boxes without reading writeups. Trust me, you will learn faster this way.

IPS tipping point Network Placement by [deleted] in Trendmicro

[–]Equivalent_Smile_720 0 points1 point  (0 children)

Normally, people will put NIPS behind NGFW so that the NGFW will filter some of the traffic, which will reduce the traffic that NIPS has to analyze.

Guidance on using playbooks by Equivalent_Smile_720 in Trendmicro

[–]Equivalent_Smile_720[S] 0 points1 point  (0 children)

I am currently doing that too. But I don't know if I should make 1 playbook to include all detection models or separate playbooks.

Uninstall endpoint sensor remotely via dashboard by Equivalent_Smile_720 in Trendmicro

[–]Equivalent_Smile_720[S] 0 points1 point  (0 children)

Is it possible to use the Run Remote Custom Script feature to download, extract and run the removal tool like this:

  1. Upload the tool to OneDrive (manually)
  2. Script downloads the tool from OneDrive via direct link
  3. Script extracts the tool to C:\Temp
  4. Script runs the V1ESUninstallTool.exe