Red Teaming and Penetration Testing
ISBN: 9789365894165
eISBN: 9789365899498
Authors: Konstantin Degtiarev
Rights: Worldwide
Edition: 2026
Pages: 366
Dimension: 7.5*9.25 Inches
Book Type: Paperback

DESCRIPTION
Modern cyberattacks no longer rely on noisy exploits or obvious malware. Today’s adversaries abuse identity systems, cloud APIs, misconfigurations, CI/CD pipelines, and trusted infrastructure to move laterally, persist, and quietly exfiltrate data. Red Teaming has evolved from penetration testing into full adversary simulation, testing not just vulnerabilities but real organizational resilience.
This book provides a practical guide to modern red team operations. It covers reconnaissance, initial access, privilege escalation, lateral movement, command-and-control, persistence, cloud and Kubernetes attacks, CI/CD and supply-chain abuse, and real-world post-exploitation techniques. Defensive strategies are tightly integrated, including identity hardening, admission controls, policy as code, detection engineering, and incident response, with real case studies demonstrating how attacks succeed and how they are stopped.
After reading this book, readers will be able to model real attacker behavior, execute or defend against realistic red team engagements, and translate offensive findings into concrete security controls, detections, and operational improvements.
WHAT YOU WILL LEARN
● Model real-world attacker behavior using modern red team techniques.
● Exploit identity, cloud, and CI/CD trust relationships safely.
● Perform post-exploitation, persistence, and covert data exfiltration.
● Simulate adversary tactics across enterprise and cloud environments.
● Detect and contain attacks using outcome-focused telemetry.
● Translate red team findings into defensive engineering controls.
WHO THIS BOOK IS FOR
This book is for red team operators, penetration testers, and blue team engineers. SOC analysts, DevSecOps engineers, and security architects will also benefit. Readers should possess basic networking knowledge and Linux command-line familiarity to master real-world offensive and defensive strategies.
TABLE OF CONTENTS
1. Understanding Red Teaming
2. Understanding the Hacker's Mindset and Reconnaissance
3. Initial Access for Bypassing Security Controls
4. Privilege Escalation and Lateral Movement
5. Command and Control Frameworks and Persistence
6. Striking Cloud Environments
7. Active Directory, FreeIPA, and IAM Security
8. Bypassing Advanced Protection Mechanisms
9. Post-exploitation and Data Exfiltration
10. Defensive Strategies and Securing Applications
11. Real-world Red Teaming Case Studies and Insights
ABOUT THE AUTHORS
Konstantin Degtiarev holds a master’s degree in applied mathematics with postgraduate specialization in mathematical and software support for computer systems and networks. His background spans software development, system architecture, and information security across enterprise, cloud, and hybrid environments.
He has built and led security teams, conducted large-scale penetration testing and vulnerability research, and contributed to the discovery of critical vulnerabilities across enterprise platforms, cloud infrastructures, and connected systems. His professional experience includes designing secure architectures; implementing SIEM, SOC, SOAR, and CI/CD pipelines; developing security policies; and performing advanced red team and adversary simulation engagements.
Konstantin currently leads information security initiatives in the financial sector, focusing on modern red teaming, cloud security, and translating offensive findings into resilient, engineering-driven defensive architectures.