Raspberry Pi as a Penetration Testing Implant (Dropbox)

14 Jul 2020 in Security (Reading time: 28 minutes)

Sometimes, especially in the time of COVID-19, you can’t go onsite for a penetration test. Or maybe you can only get in briefly on a physical test, and want to leave behind a dropbox (literally, a box that can be “dropped” in place and let the tester leave, no relation to the file-sharing company by the same name) that you can remotely connect to. Of course, it could also be part of the desired test itself if incident response testing is in-scope – can they find your malicious device?

In all of these cases, one great option is a small single-board computer, the best known of which is the Raspberry Pi. It’s inexpensive, compact, easy to come by, and very flexible. It may not be perfect in every case, but it gets the job done in a lot of cases.

I’ll use this opportunity to discuss the setups I’ve done in the past and the things I would change when doing it again or alternatives I considered. I hope some will find this useful. Some familiarity with the Linux command line is assumed.

Read More...

---

Comparing 3 Great Web Security Books

10 Jul 2020 in Security (Reading time: 11 minutes)

I thought about using a clickbait title like “Is this the best web security book?”, but I just couldn’t do that to you all. Instead, I want to compare and contrast 3 books, all of which I consider great books about web security. I won’t declare any single book “the best” because that’s too subjective. Best depends on where you’re coming from and what you’re trying to achieve.

The 3 books I’m taking a look at are:

• Real-World Bug Hunting: A Field Guide to Web Hacking
• The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
• The Tangled Web: A Guide to Securing Modern Web Applications

Read More...

---

Security 101: Encryption, Hashing, and Encoding

05 Jul 2020 in Security (Reading time: 19 minutes)

Encryption, Hashing, and Encoding are commonly confused topics by those new to the information security field. I see these confused even by experienced software engineers, by developers, and by new hackers. It’s really important to understand the differences – not just for semantics, but because the actual uses of them are vastly different.

I do not claim to be the first to try to clarify this distinction, but there’s still a lack of clarity, and I wanted to include some exercises for you to give a try. I’m a very hands-on person myself, so I’m hoping the hands-on examples are useful.

Read More...

---

Security 101: Beginning with Kali Linux

03 Jul 2020 in Security (Reading time: 18 minutes)

I’ve found a lot of people who are new to security, particularly those with an interest in penetration testing or red teaming, install Kali Linux™¹ as one of their first forays into the “hacking” world. In general, there’s absolutely nothing wrong with that. Unfortunately, I also see many who end up stuck on this journey: either stuck in the setup/installation phase, or just not knowing what to do once they get into Kali.

This isn’t going to be a tutorial about how to use the tools within Kali (though I hope to get to some of them eventually), but it will be a tour of the operating system’s basic options and functionality, and hopefully will help those new to the distribution get more oriented.

1. KALI LINUX™ is a trademark of Offensive Security. ↩

Read More...

---

Hacker Culture Reading List

26 Jun 2020 in Security (Reading time: 9 minutes)

A friend recently asked me if I could recommend some reading about hacking and security culture. I gave a couple of quick answers, but it inspired me to write a blog post in case anyone else is looking for similar content. Unless otherwise noted, I’ve read all of these books/resources and can recommend them.

Read More...

---

Older | Newer