Sparc Flow - How to Hack Like a Legend (2022) [Flow] [9781718501515]

I would like to express my most sincere thanks:

1. First and foremost, to the infosec community for either creating or inspiring the crushing majority of the knowledge summarized in this book. Kudos to yall.
2. To Liz Chadwick for her razor-sharp skills and sterling adjustments that helped convey the obscure and sometimes complex messages inside these pages.
3. To Matt Burrough for diligently and expertly reviewing code, command lines, and anything in between.
4. To the many people at No Starch Press who worked on this book, from design to copyediting, including Katrina Taylor and Rachel Head. And, of course, to Bill and Barbara for that first meeting that spawned this whole adventure.
5. To my wife for continuously inspiring me in more ways than one, but most of all for supporting the untimely writing fevers as well as the many frustrating nights it took to put this book together.

This is the story of one hacker who almost met his match when faced with machine learning, behavioral analysis, artificial intelligence, Microsofts security suite, and a dedicated SOC team while attempting to break into an offshore service provider. Most hacking tools simply crash and burn in such a hostile environment. What is a hacker to do when facing such a fully equipped opponent?

In this new volume of the How to Hack Like a... series, we cover step-by-step tricks and techniques for circumventing next-generation security vendors. These techniques include unmanaged PowerShell, C# Reflection, DKIM signatures, Kerberoasting, terminating protected processes, and many more essential tips for hackers and red-teamers alike.

If youve ever attended any of the renowned security conferences, be it Black Hat, Hack In The Box, or RSA, youve probably witnessed the endless parade of sponsors flashing their latest cyber products in the same way Hollywood pushes its summer blockbusters: large ads in subway stations, gorgeous models at the company booth, glamorous night events and champagne soires...

Maybe you gave in and listened to some of the notoriously intense pitches about cyber attacks, cyber awareness, cyber threat hunting, and so many other cyber buzzwords that I can hardly write them down with a straight face. These innovative actors love making increasingly grandiose claims about their abilities to detect and block unknown threats and undisclosed vulnerabilities, and perhaps a handful of these players actually do offer refreshing solutions to the age-old security questions: What are my critical resources?Who can access them? What does normal traffic look like?

Sadly, however, upon close inspection, the crushing majority of these cyber solutions turn out to be dog shit wrapped in glossy, expensive gift paper. They have a pretty decent chance of detecting your off-the-shelf obfuscated PowerShell command, but as we will soon learn together, a simple twist here, a line of code there, and theyre none the wiser.

To minimize the time to market of these security tools and produce the next big market hit, many vendors opt for the shortsighted approach of optimizing to flag the most commonly used penetration testing tools: PowerShell Empire, Nishang, Metasploit, Mimikatz, and so on. This is a deceitful tactic for delivering quick results to impress compliance-driven chief information security officers (CISOs) and other decision makers during that 30-minute demo.

As hackers, we need to anticipate these new lines of defense and be adaptive in our hacking habits. That is one thing this book will teach you: how to think on your feet and come up with dynamic solutions when it seems like there are none.

There was a time when security products were more civilized. If you were to drop a malware that got flagged, the antivirus would simply remove it and hand you the ball to try again. Contemporary security tools play dirty. When they register a suspicious event like a blacklisted domain, an odd network packet, a process injected in