Advanced Penetration Testing - Hacking the World's Most Secure Networks by Wil Allsopp.pdf

Table of Contents
Cover
Title Page
Introduction
Coming Full Circle
Advanced Persistent Threat (APT)
Next Generation Technology
“Hackers”
Forget Everything You Think You Know About Penetration Testing
How This Book Is Organized
Chapter 1: Medical Records (In)security
An Introduction to Simulating Advanced Persistent Threat
Background and Mission Briefing
Payload Delivery Part 1: Learning How to Use the VBA Macro
Command and Control Part 1: Basics and Essentials
The Attack
Summary
Exercises
Chapter 2: Stealing Research
Background and Mission Briefing
Payload Delivery Part 2: Using the Java Applet for Payload Delivery
Notes on Payload Persistence
Command and Control Part 2: Advanced Attack Management
The Attack
Summary
Exercises
Chapter 3: Twenty-First Century Heist
What Might Work?
Nothing Is Secure
Organizational Politics
APT Modeling versus Traditional Penetration Testing
Background and Mission Briefing
Command and Control Part III: Advanced Channels and Data Exfiltration
Payload Delivery Part III: Physical Media
The Attack
Summary
Exercises
Chapter 4: Pharma Karma
Background and Mission Briefing
Payload Delivery Part IV: Client-Side Exploits 1
Command and Control Part IV: Metasploit Integration
The Attack
Summary
Exercises
Chapter 5: Guns and Ammo
Background and Mission Briefing
Payload Delivery Part V: Simulating a Ransomware Attack
Command and Control Part V: Creating a Covert C2 Solution
New Strategies in Stealth and Deployment
The Attack
Summary
Exercises
Chapter 6: Criminal Intelligence
Payload Delivery Part VI: Deploying with HTA
Privilege Escalation in Microsoft Windows
Command and Control Part VI: The Creeper Box
The Attack
Summary
Exercises
Chapter 7: War Games
Background and Mission Briefing
Payload Delivery Part VII: USB Shotgun Attack
Command and Control Part VII: Advanced Autonomous Data Exfiltration
The Attack
Summary
Exercises
Chapter 8: Hack Journalists
Briefing
Advanced Concepts in Social Engineering
C2 Part VIII: Experimental Concepts in Command and Control
Payload Delivery Part VIII: Miscellaneous Rich Web Content
The Attack
Summary
Exercises
Chapter 9: Northern Exposure
Overview
Operating Systems
North Korean Public IP Space
The North Korean Telephone System
Approved Mobile Devices
The “Walled Garden”: The Kwangmyong Intranet
Audio and Video Eavesdropping
Summary
Exercises
End User License Agreement
List of Illustrations
Chapter 1: Medical Records (In)security
Figure 1.1 Pharmattix network flow
Figure 1.2 User roles
Figure 1.3 VBA exploit code imported into MS Word.
Figure 1.4 Saving for initial antivirus proving.
Figure 1.5 This demonstrates an unacceptably high AV hit rate.
Figure 1.6 Additional information.
Figure 1.7 A stealthy payload indeed.
Figure 1.8 No, Qihoo-360 is not the Holy Grail of AV.
Figure 1.9 Blank document carrying macro payload.
Figure 1.10 A little more convincing.
Figure 1.11 Initial basic Command and Control infrastructure.
Figure 1.12 The completed attack with complete access to the medical records.
Chapter 2: Stealing Research
Figure 2.1 Permit all local Java code to run in the browser.
Figure 2.2 Java applet running in the browser.
Figure 2.3 The upgraded framework handles multiple hosts and operating systems.
Chapter 3: Twenty-First Century Heist
Figure 3.1 The beauty of this setup is that if your C2 is disrupted by security operations, you can point your DNS at another server.
Figure 3.2 A basic intrusion monitoring setup.
Figure 3.3 Mmmmmm. Stealthy.
Chapter 4: Pharma Karma
Figure 4.1 This image from cvedetails shows 56 code execution vulnerabilities in Flash in 2016 alone.
Figure 4.2 The number one issue on this AlienVault SOC alarm screen is vulnerable software, with that software being Flash.
Figure 4.3 This is clearly a large network that lacks a cohesive overall vulnerability management strategy.
Figure 4.4 Script output shows plugin data.
Figure 4.5 A LinkedIn invite comes as an HTML email message.
Figure 4.6 This is a remote command execution bug with reliable exploit code in the wild.
Figure 4.7 Metasploit does an excellent job at obfuscating the CVE-2015-5012 attack.
Figure 4.8 A simple XOR function can easily defeat antivirus technology.
Figure 4.9 The Meterpreter session is tunneled over SSH and looks innocent to network IDS.
Figure 4.10 Notepad cannot write to the C drive. It's a fair bet most