Download The Hacker Playbook 2(Practical Guide To Penetration Testing) By Peter Kim

Introduction

You have been hired as a penetration tester for a large industrial company called Secure Universal Cyber Kittens, Inc. or SUCK, for short. They are developing future weapons to be used by the highest bidder and you have been given the license to kill…okay, maybe not kill, but the license to hack. This authorization gives you full approval to use any tactic in your arsenal to try to break into and steal the company’s trade secrets. As you pack your laptop, drop boxes, rubber duckies, Proxmarks, and cables, you almost forget the most important thing…The Hacker Playbook 2 (THP). You know that THP will help get you out of some of the stickiest situations. Your mind begins hazing back to your last engagement… After cloning some badges and deploying your drop box on the network, you run out of the office, barely sneaking past the security guards. Your drop box connects back to your SSH server and now you are on their network. You want to stay pretty quiet on the network and not trigger any IDS signatures. What do you look for? You flip to the Before the Snap chapter and remember printers! You probe around for a multifunction printer and see that it is configured with default passwords. Great! You re-configure LDAP on the printer, set up your netcat listener, and obtain Active Directory credentials. Since you don’t know what permissions these credentials have, you try to psexec to a Windows machine with a custom SMBexec payload. The credentials work and you are now a regular user. After a couple tricks with PowerTools in the Lateral Pass section, you move to local admin and pull passwords from memory with Mimikatz. Phew… you sigh… this is too easy. After pulling passwords for a few accounts, you find where the domain admins (DA) are and connect to their boxes to pull passwords again. With domain admin creds, it is pretty straightforward to dump the Domain controller (DC) with psexec_ntdsgrab and then clear your tracks.

Objectives

Heartbleed

ShellShock

 Kerberos issues (Golden Ticket/Skeleton Key)

PTH Postgres ● New Spear Phishing ● Better/Cheaper Dropboxes

Faster/Smarter Password Cracking

 New WIFI attacks

 Tons of PowerShell scripts

 Privilege Escalation Attacks

 Mass network compromises

 Moving laterally smarter

Burp Modules

Printer Exploits

 Backdoor Factory

 ZAP Proxy

Sticky Keys

 NoSQL Injection

 Commercial Tools (Cobalt Strike, Canvas, Core Impact)

 Lab sections

Tags: #The Hacker Playbook 2 epub #The Hacker Playbook 2 pdf Download #The Hacker Playbook 2 Practical Guide To Penetration Testing Free pdf #The Hacker Playbook 2 Review #The Hacker Playbook pdf

Download Database Design  Second Edition Adrienne Watt
Download Database Design Second Edition Adrienne Watt
Introduction Database Design 2nd  Edition is a
Download Modeling and Simulation in Python By Allen B. Downey
Download Modeling and Simulation in Python By Allen B. Downey
Introduction This book is about modeling and
Download Purely Functional Data Structures By Chris Okasaki
Download Purely Functional Data Structures By Chris Okasaki
Introduction Efficient data structures have been studied

Leave a reply "Download The Hacker Playbook 2(Practical Guide To Penetration Testing) By Peter Kim"

Must read×

Top
css.php