PENTESTER’S DEVELOPMENT KIT – PENTEST REGULAR 05/2013, TEASER

LET’S TALK ABOUT SECURITY

Hacking as a Service
By Rob Muris and Trajce Dimkov
To gain insight into their security vulnerabilities, companies perform penetration tests on their websites and infrastructure. Mostly, the tests are performed ad hoc or maybe on a yearly basis. This is not sufficient due to the continuous change of the IT landscape and the new vulnerabilities discoveries. The question that rises is: how can companies keep their security exposure visible despite these changes? In this article, we focus on one possible answer to this: hacking as a service.

Interpreting the Tallinn Manual Using Real World Examples
By Lance Cleghorn
The Tallinn Manual on the International Law Applicable to Cyber Warfare was published in 2013 and is the result of three years of research by twenty of the world’s top legal and technical scholars. The Tallinn Manual is an effort of the NATO Cooperative Cyber Defense Centre of Excellence that began in 2009. The primary goal of this effort is to create a manual of the highest professional integrity, which could be referenced in the event that the subject matter was to ever reach the international spotlight.

TECHNIQUES

Privacy-Preserving Data Publishing
By Noman Mohammed and Benjamin C. M. Fung
Privacy-preserving data publishing is an exciting research area. This article presents different technical proposals to the demand of simultaneous information sharing and privacy protection. However, the problems of data privacy cannot be fully solved only by technology. We believe that there is an urgent need to bridge the gap between advanced privacy preservation technology and current policies.

AV Evasion: Bypassing AV Products and Protection Against It
By Fadli B. Sidek
AV evading techniques are getting better and smarter by the day, and having just an Anti-Virus and Anti-Spyware application is insufficient to protect our machines from additional angles of threats.

Phantom’s Cerebrum: Using Python to Work a Botnet
By Milind Bhargava
Imagine a ghost robot in every computer, working in the shadows; let’s call it the Phantom, performing tasks for its master. The master controls the ghosts through a master brain device; let’s call it the cerebrum, much like the device Prof Xavier had in the X-Men. That device could control the minds of mutants all over the world. In this case, the cerebrum controls the phantoms in each computer of my home and workplace.

Cryptography with GPG
By Mohsen Mostafa Jokar
Cryptography is used to decode an important message. The receiver takes a ciphered message and uses a key for converting it to a comprehensible one. There are many reasons to perform cryptography: a messenger may be captured by the enemy or even deliver the message to the wrong person. If the message was in plaintext or cleartext, anybody could read and understand it. The article provides a step by step tutorial on creating a cryptographic key according to the GnuPG standard in the command line, as well as in the GUI.

TOOLS

Automating Malware Analysis with Cuckoo
By Christopher Ashby
This article will outline implementing an automated virtual environment to aid in the identification and analysis of potentially malicious software, what can then be extended to proactively detect and ultimately protect corporate environments from being infected.

Unicorn Magic Help in Reconnaissance
By Aleksandar Bratic
The first and critical phase of testing is reconnaissance where we usually rely on nmap, which is the most famous, and the best tool (or one of the best ones). Recently, I have started to use unicorn to complete my reconnaissance phase and I have found several very useful options of this tool. These options will be explained in this article.

Hacking Cisco Routers with SNMP
By Jason Nehrboss
Cisco routers have a number of remote access and management services available. One of the most used and least insecure is SNMP. The article shows some of the common techniques and demonstrates a new tool for taking over routers that are vulnerable. Virtually all networking devices support SNMP, and most network monitoring and management software uses it. Cisco routers have an old but less well known feature that allows a single packet to trigger a configuration upload from an arbitrary server. This is going to be the basis of all the attacks discussed here.

The USB Rubber Ducky – The Pentesters’ USB
By Midnitesnake
The USB Rubber Ducky or ‘Ducky,’ for short, is a programmable Human Interface Device (HID), that, when inserted into an Operating System (OS), will interact or assume the identity of a certain device: keyboard, mass storage, or a given combination, allowing the injection of keystrokes or applications into the OS’s memory. The key focus on the Ducky is that it can be programmed in a simple high-level language that any user of any technical skill level can quickly and easily learn to program.