Archive for June, 2015

 

The Hacker Playbook 2!

Jun 26, 2015 in Security


The second edition of The Hacker Playbook has been released! The Hacker Playbook 2 (THP2) takes all the best “plays” from the original book and incorporates the latest attacks, tools, and lessons learned. With double the content of its predecessor, this guide further outlines building a lab, walks through test cases for attacks, and provides more customized code.


Grab a copy of The Hacker Playbook 2 from Amazon now!
www.amazon.com/dp/1512214566/

To give you a little insight, the book is really a compilation of everything I’ve learned in my pentesting career. You might ask how this is any different… and I thought a lot about that when I was writing the book.

Instead of focusing on a lot of the basic features of tools, I focused on different methodologies I’ve learned and used in my past. Another example is that some of the tools that I do use in the book are commercial tools, such as Burp Suite Professional. In addition, in the reporting sections, I try to get the reader to really produce Customer Reports that are valuable. For example, don’t report a Secure Flag/HttpOnly Cookie issue as a High if those cookies aren’t being used for the session. I go into more detail about rating your vulnerabilities properly and what I feel the client is really looking for.

So, what’s new? Some of the updated attacks from the last year and a half include:

  • Heartbleed
  • ShellShock
  • Kerberos issues (Golden Ticket/Skeleton Key)
  • PTH Postgres
  • New Spear Phishing
  • Better/Cheaper Dropboxes
  • Faster/Smarter Password Cracking
  • New WIFI attacks
  • Tons of PowerShell scripts
  • Privilege Escalation Attacks
  • Mass network compromises
  • Moving laterally smarter
  • Burp Modules
  • Printer Exploits
  • Backdoor Factory
  • ZAP Proxy
  • Sticky Keys
  • NoSQL Injection
  • Commercial Tools (Cobalt Strike, Canvas, Core Impact)
  • Lab sections
  • And so much more

In addition to describing the attacks that have changed in the last couple of years, I have attempted to incorporate all of the comments and recommendations received from readers of the first book into this second book. A more in-depth look into how to set up a lab environment in which to test your attacks is also given, along with the newest tips and tricks of penetration testing. Lastly, I tried to make this version easier to follow since many schools have incorporated my book into their curricula. Whenever possible, I have added lab sections that help provide a way to test a vulnerability or exploit.

Here are the chapter breakdowns (Like a Football Playbook):

  • Pregame: This is all about how to set up your lab, attacking machines, and the tools we will use throughout the book.
  • Before the Snap: Before you can run any plays, you need to scan your environment and understand what you are up against. We will dive into discovery and smart scanning.
  • The Drive: Take the vulnerabilities which were identified from Before the Snap and start exploiting those systems. This is where we get our hands a little dirty and start exploiting boxes.
  • The Throw: Sometimes you need to get creative and look for the open target. We will take a look at how to find and exploit manual web application findings.
  • The Lateral Pass: After you have compromised a system, we will discuss ways to move laterally through the network.
  • The Screen: A play typically used to trick the enemy. This chapter will explain social engineering tactics.
  • The Onside Kick: A deliberately short kick that requires close distance. Here, I will describe attacks that require physical access.
  • The Quarterback Sneak: When you only need a couple of yards, a quarterback sneak is perfect. Sometimes you will get stuck with antivirus (AV); this chapter describes how to get over those small hurdles by evading AV.
  • Special Teams: Cracking passwords, exploits, NetHunter and some tricks.
  • Two-Minute Drill: You have only two minutes on the clock and you need to go from no access to full domain admin.
  • Post-Game Analysis: Reporting your findings.

Grab a copy of The Hacker Playbook 2 from Amazon now!
www.amazon.com/dp/1512214566/

Thanks for the support,
Peter