- Publisher : Independently Published (11 April 2018)
- Language : English
- Paperback : 166 pages
- ISBN-10 : 1980792607
- ISBN-13 : 978-1980792604
- Dimensions : 15.24 x 1.07 x 22.86 cm
This is the story of a hacker who met his match while breaking into a company: machine learning, behavioral analysis, artificial intelligence… Most hacking tools simply crash and burn in such a hostile environment. What is a hacker to do when facing such a fully equipped opponent?
Note: the source code of all custom attack payloads are provided and explained thoroughly in the book.
Cybersecurity at its best We start by building a resilient C2 infrastructure using cloud providers, HTTP redirectors and SSH tunnels. The idea is to hide behind an array of disposable machines that we can renew in a matter of seconds to completely change our internet footprint. We then set up step-by-step a phishing platform: fake website, postfix server, DKIM signing, SPF and DMARC.
The Art of intrusion Instead of hacking directly our mark(an offshore company), we target one of their suppliers that we identified using OSINT techniques. We collect a couple of passwords thanks to our phishing platform and leverage the remote Citrix access to put our first foot inside. We bypass Applocker and Constrained Language on PowerShell to achieve code execution, then start our Active Directory reconnaissance.