description
4This is the story of a hacker who met his match while breaking into a company: machine learning, behavioral analysis, artificial intelligence... Most hacking tools simply crash and burn in such a hostile environment. What is a hacker to do when facing such a fully equipped opponent?
Note: the source code of all custom attack payloads are provided and explained thoroughly in the book.
Cybersecurity at its best We start by building a resilient C2 infrastructure using cloud providers, HTTP redirectors and SSH tunnels. The idea is to hide behind an array of disposable machines that we can renew in a matter of seconds to completely change our internet footprint. We then set up step-by-step a phishing platform: fake website, postfix server, DKIM signing, SPF and DMARC.
The Art of intrusion Instead of hacking directly our mark(an offshore company), we target one of their suppliers that we identified using OSINT techniques. We collect a couple of passwords thanks to our phishing platform and leverage the remote Citrix access to put our first foot inside. We bypass Applocker and Constrained Language on PowerShell to achieve code execution, then start our Active Directory reconnaissance.
Minutes later, we are kicked out of the network due to suspicious activity.
The art of exploitation We exploit a flaw in password patterns to get back on the Citrix server. We are facing MS ATA and the QRADAR SIEM. We learn to evade them using various hacking tricks and manage to disable all new Windows Server 2016 security features (AMSI, ScriptBlock Logging, etc.). We also face Windows next-gen antivirus (ATP) while trying to get credentials belonging to developers we suspect are working on the product used by the offshore company. We end up backdooring the accounting software in a way to evade most security and functional tests.
Forget penetration testing, time for some red team Our backdoor triggers a fileless malware that give us access to our final target's internal network. After that it's just a cakewalk to achieve domain admin privileges and access personal data of thousands of shell companies and their end beneficiaries.
This book's edition assumes prior knowledge of basic computer security principles such as NTLM, pass-the-hash, Windows Active Directory, group policy objects and so forth. If you are scantly comfortable with these concepts, I strongly encourage you to first read How to Hack Like a Pornstar (http: //amzn.to/2iwprf6) or How to Hack Like a God (http: //amzn.to/2iwA3KX) before taking on this book.