Setting Up a Detection Lab
When doing an engagement sometimes one would need to test a payload or an attack vector before deploying it. Watching how an operating system logs different events or how security solutions detect certain payloads can be valuable information for a red teamer/penetration tester. An example that happened was gained credentials to MSSQL, and the MSSQL…