BOOK REVIEW: Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide by Lee Allen

Alright, alright already… Another Pen Testing book… Many, if not all of us have purchased or downloaded purchased *cough, cough* copies of Pen Testing books in its many forms and have gone through them only to find it was fairly similar to the last one purchased.  Does it lay out the phases of a pen test? Check. Does it mention the scanners we all know and love?  Check.  Does it mention and give examples of using Metasploit?  Check.  Well, for all the experienced testers out there and for us noobs alike there is a new Sheriff-in-Town and he, or she, is looking really promising!  The book is called Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide by Lee Allen.

I know you’re probably thinking, “what another book on pen testing?, whatever…”, but I think that this one picks up where the others have left off or left out.  I’m not going to go chapter by chapter but highlight areas that I think are great to read and with methods to use.  So away we go!

It’s quite refreshing that it is assumed the reader is somewhat technical and doesn’t need to be fully hand held through the lab setup process so not a lot is wasted on setting up your VMs or debating what flavor is the best.  It can also be said that the information is also great for getting the noob up and running.  The one part that I really appreciated reading was on setting up BackTrack and the snippets of commands used to get it up and running, installed, and updated (for all us noobs it shortens the amount of time spent in the forums, but doesn’t alleviate the need to “TRY HARDER!!”).

This book is also great in introducing tools that I hadn’t had much exposure to and the thought of using Magic Tree as a means to help create your report is great!  I know that we’ve all muddled through results trying to ensure that our text files are somewhat organized.  Having Magic Tree help to collect your information and then format into a report is invaluable.  I also like that Dradis is introduced as a means to gather all of you information into one place that can be shared.  This would be very helpful when working on a team test.

One thing that I’ve enjoyed through the book is the use of the Metasploit framework and the Social Engineering  (SET) Toolkit.  I know that Metasploit has been covered in-depth within other books but I think it’s the presentation of use and updating that makes it really refreshing!  I also really like that a small part of SET is discussed and walked through.  Those two tools have become di rigueur in the pen tester’s bag of tricks!  Even though it’s not deep it gives enough for the reader to get started down the path.

One chapter that I haven’t really seen anywhere else is on Post Exploitation.  To read about and try some of the methods in the chapter has been fun.  More so it has the old brain-housing group really thinking about how to positively perform post exploitation that gives the customer or client a solid feel for what can be had in their environment.

Something else that I’ve really enjoyed seeing is that there are progressively harder challenges through the use of Kioptrix.  The reader has the chance to start at level one and move up to more advanced techniques, which the user can use to practice against.  Reminds me a lot of Web Goat and hacking challenges from Astalavista in that you have progressively harder challenges to get through.

There are so many good qualities to this book that I’ve enjoyed that I would recommend this to my friends and colleagues, even if it were only for a reference.  The pacing of the read and the examples were good enough to keep me from saying “WTF how did he set that up?” and actually kept me engaged in the content.  If you’re in the market for a good book that is not only a great primer on the subject but also an excellent reference, this is one I would recommend considering.

Advertisements

Off the grid…. and on to the cons!

Just like any good spook it’s time to come in out of the cold and back into the warmth of HQ. It’s been quite a while since my last post and I need to just make the time to do it. I will get better….  As many of you can recite from memory, “Do or Do not, there is no try!” – Yoda

So begins the summer of the Cons!! There are many good one coming up and I was going to try to get to Security B-sides Detroit. The Rust Belt, the Midwest, West Virginia, and Northern Kentucy and the robustness of security cons is not to be trifled with. Here’s a list (I’ve probably missed a few so I apologize in advance!):

– Notacon up in Cleveland just happened
– Thotcon in Chi-town back in April
– 2 Security B-Sides in June/July (Detroit/Cleveland)
– Not in the region but DefCon and BlackHat is the summer biggie
– DerbyCon in Louisville, KY in September
– GrrCON in Grand Rapids, MI in September
– Hack3rcon in Charleston, WV in October

So there is virtually no shortage of quality conferences to go to and pick up a bit of knowledge. In fact, for someone living in the Midwest they can get to quite a few conferences, not boondoggles (well okay a little bit because Hackers love Hooch!), for the same cost of hitting the major July out west event. This may be the right amount of cost savings for any company wanting to keep their security pogues happy and brains filled with teh knowledge.

Why conferences? It is truly amazing how much you actually can learn, if you can break thru the booze haze and hangover! It’s also a great opportunity to see old friends and make new ones. For us poor saps cloistered in the buildings we call offices or home offices it’s a welcome reprieve to let our hair down, or in my case last year cut off for Mowhawks-for-Charity. The look on the CISO’s face was awesome when he saw me walking into the office. It sparked a great conversation of what is a hacker and what the security rank-and-file will look like in 5-10 years. It is always great to have those “educational” conversations with senior management!

The networking portion is also a good time and it’s great to meet others in the same profession but in different industries to hear about this issues. The conversations may be different but the content is common… “OWASP Top 10 is what we’re focusing on”, “Access is a huge security headache”, and my favorite “the users in our company have no regard for security”. The nice thing is that even with that commonality there is a lot of ways to address the problem.

If we should ever have a chance to meet, please don’t take it wrong if I don’t say much at first. I’m the type of guy that will listen a lot, digest the information, and begin to ask you a ton of questions. I’m not asking so many questions to be a jerk, I just have a genuine interest in learning. I like adventuring into rabbit holes and going deep until my brain hurts.

For those reading; yes I’m back, yes will be more diligent in posting, and yes I may rant a time or two!

0ddj0b

DerbyCon is the Shizzle Bizzle!!

How many times do we as security professionals, nerds, and H4x0rs get to participate in a ground breaking industry event?  Not many, and this is one not to be missed!!  Better than the Shamwow and more versatile than the Magic Bullet DerbyCon is poised to give many other security conferences  a run for their money.  The schedule for the event reads like the “who’s who” in information security and is poised to be just as good as DefCon, ShmooCon, and ToorCon.

Interested?  Good, then click the image above!!

I’m thinking that this will the Sean Connery James Bond of Security Conferences to come.  I hope to see you there!

Security is no guarantee, vigilance is!

Going through one of many portable drives I came across this video I made.  The company shall remain nameless but it was probably made around 2005 in a vacant office within the building.  I remember that we wanted to create an educational and fun video around the physical aspect of cabled laptops and the false sense of security they provide.  During that time there were a rash of thefts and the response to the thefts were to buy the cables and mandate that they be used.  Alas, the tools of our security became another challenge to the “Gone in 60 Seconds” crew.  Forget the fact that you can pop the top of the work surface and most of the cubical prairie dog population will ignore or have their iPod full blast.  This was much more subtle and effective.  During lunch or before/after hours, it was the perfect physical exploit.  Now Oddjob and Jaws had a physical asset to resell with the potential for access to valuable data that could be sold and resold in secondary markets.

The funny thing is that this is still as relevant today as it was back then…  Security is no guarantee, vigilance is!

  • December 2017
    M T W T F S S
    « Apr    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Categories

  • oddjob

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 60 other followers