Offensive Introduction

1. Offensive Introduction Offensive Security

2. Introduction • I will always say “we as [insert title here]” • Penetration tester • Red teamer • Etc. • Why are we doing this? • There is a business need

3. “Think Different” – Apple • Thinking like an attacker is different • Our mind is always on how do we break X

4. Many names for a “hacker” • Hacker (internal) vs Hacker (external) good vs bad • Hacker vs cracker • Script kiddie/Packet monkey • Still dangerous • Whitehat/Blackhat/GrayHat • Hactivist • Attacker

5. Terms • Penetration Test/”ethical” hack • Legal attempt to break into a company’s network • Report the findings • Vulnerability assessment • This is not a penetration test • PT vs VA • Red teaming vs PT • Who’s involved? • Penetration testers/ethical hackers/security researchers

6. Types of Assessments • Table top • Vulnerability assessment • Penetration test • Cooperative • Adversarial • Etc.

7. Overt Pen Tests • Tester is told everything about the network • Ability to ask questions to sysadmins, netadmins, devs, etc • Maybe even given accounts with passwords • CVPA – Cooperative Vulnerability and Penetration Assessment • Goals? • Benefits? • Drawbacks?

8. Covert Pen Tests • Staff does not know about the test • Tester may not be given any details • Company name • Goals? • Benefits? • Drawbacks? • Adversarial assessment

9. Kali Linux • Linux Distro • Debian based • Built and maintained by Offensive Security • Penetration testing specific • 99.9% of the time this should be a VM • Tools pre-installed • root/toor

10. Others • Parrot OS • Similar to Kali • CommandoVM • Fireeye • Windows host • https://github.com/fireeye/commando-vm • Uses Chocolatey • https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html

11. Sending Traffic • Host only network setting is best • NAT... Be careful • You could go to jail • Ethics