Learning to Attack

2018 Kickoff: Learning to Attack

This is lightly formatted raw slides text. PDF of slides: http://dfirfiles.net/myslides/

  • Why?
  • Some Resources
  • OffSec
    • PWK, OSCP
  • Scripting
  • Q&A

Why Learn to Attack?

  • Purple is a lovely colour
  • Want to lose less at CTFs
  • Get another certification
  • Peer Pressure
  • Saw on TV, looked cool

Srsly, Why?

  • See life/work from the other side
  • Understand attacks and attackers better
    • Be able to run attacks (in lab) to study them
    • Get better at defence and analysis
  • Make sense of pen test reports, threat intel
  • Profit!

But First … Live Targets!

  • Target networks in some BB sessions
  • Temporary room network

and(here(), now()) => ?

  • No work impact.
    • Respect your shift
  • Coordinate with your lead or manager

  • Wifi Only
  • No corp systems on target networks.

Study Plan: You have to study

  • Brownbags on topics
  • Moral support, mentoring
  • Resources and recommendations:
    • What works for us
    • Link dumps

Rsrc: Targets, Books, Chals

a bunch of VMs**, some books, and some online challenges

  • VulnHubs like Mr Robot, Sokars, BadStore
  • Books like Erickson, Weidman
  • Chall/CTFs like … (use WeChall and CTFTime)
  • OverTheWire: start with Bandit
  • PPTL, HTB.eu, pwnable.kr …

** and a safe place to run them, ref: 2017 lab brownbags

Rsrcs: Tool VMs, Other resources

Attack tool VMs

  • Kali
  • BlackArch
  • MeanPuppy

Web and App Sec tools

  • SamuraiWTF
  • Burp Suite
  • ZAP, Fiddler

Other online rsrc

  • MSFU
  • Forums / Subreddits

cookie: user=admin
BSSID:PWK
' OR 1=1; ##

Offensive Security

aka OffSec

  • Make BackTrack, Kali, NetHunter distros
  • Run Exploit DB, Google Hacking DB
  • Metasploit Unleashed free online security training
  • (in)famous attack training and certifications
    • PWK for OSCP
    • Offensive Security Wireless Attacks (WiFu), CTP, and more
  • Like to say “Try Harder”

PWK : OSCP

Pen Testing with Kali (course)

  • Guided Studies (PDF, Videos)
  • Lab Exercises
  • Targets in Lab network

Covers:

  • toolset for attack and exploitation
  • process and methods for attack and reporting

OffSec Certified Pen tester exam

Live, timed, hands on pen test and report exam

  • Pop the Boxes
  • Write it Up
  • Do your Homework

Scripting: Get Better At

Same list as 2017:

  • Bash
  • PowerShell
  • Python
  • Excel (or more Python)
    • Data Science

Resources:

  • Codecademy
  • DataCamp
  • Pluralsight
  • my local $automation_engineer

Q&A

linkdump

# for u in $LINKDUMP; do echo -n "$u"; echo ' , '; done
http://vulnhub.com , https://nostarch.com/metasploit , https://nostarch.com/hacking2.htm , wechall.net , ctftime.org , http://overthewire.org/wargames/bandit/ , http://hackthebox.eu/ ,  http://practicalpentestlabs.com/ , http://kali.org/ , https://www.offensive-security.com/metasploit-unleashed/ , http://samurai-wtf.org/ , https://www.pluralsight.com/ , https://www.datacamp.com/ , https://www.codecademy.com/ , 
#  jobs
...
Written on January 23, 2018