

The Hacker Playbook

Mar 26, 2014 in Security

I am proud to present the book that I’ve been working on… (drum roll)… The Hacker Playbook: Practical Guide To Penetration Testing. Feel free to grab your copy here:

To give you a little insight, the book is really a compilation of everything I’ve learned in my pentesting career. You might ask how this is any different, and I thought a lot about that when I was writing the book.

Instead of focusing on a lot of the basic features of tools, I focused on different methodologies I’ve learned and used in my past. I found that most books only focused on open source tools, but commercial tools, such as Burp Suite Professional, are so beneficial to a tester. In addition, in the reporting sections, I try to get the reader to really produce Customer Reports that are valuable. For example, don’t report a Secure Flag/HTTPOnly Cookie issue as a High if those cookies aren’t being used for the session state. I try to go into more detail about rating your vulnerabilities properly and what I really feel is most beneficial to the client. Lastly, you’ll find the whole book pretty easy to read and I try to give all my little secrets away (and my passion for PowerShell).

Here are the chapter breakdowns (Like a Football Playbook):

  • Pregame: This is all about how to set up your attacking machines and the tools we’ll use throughout the book.
  • Before the Snap: Before you can run any plays, you need to scan your environment and understand what you are up against. We’ll dive into discovery and smart scanning.
  • The Drive: Take the vulnerabilities you identified from the scans and exploit those systems. This is where we get our hands a little dirty and start exploiting boxes.
  • The Throw: Sometimes you need to get creative and look for the open target. We’ll take a look at how to find and exploit manual Web Application findings.
  • The Lateral Pass: After you have compromised a system, how to move laterally through the network.
  • The Screen: A play usually used to trick the enemy. This chapter will explain some social engineering tactics.
  • The Onside Kick: A deliberately short kick that requires close distance. Here I will describe attacks that require physical access.
  • The Quarterback Sneak: When you only need a couple of yards, a quarterback sneak is perfect. Sometimes you get stuck with antivirus (AV); this chapter describes how to get over those small hurdles by evading AV.
  • Special Teams: Cracking passwords, exploits, and some tricks.
  • Post-Game Analysis: Reporting your findings.

Thanks for the Support,