Want to check out some malware traffic, but don’t have the gear (or bravery) of hosting your own lab and executing the malware yourself? This sounds like an advertisement, but it’s not. I just happened upon some sample traffic and analysis on the WannaCry malware at malware traffic analysis. This is excellent stuff to check out for curiosity, to possibly better test your own network alarms, learn a bit more about traffic analysis, or study up for malware analysis itself or response. Heck, it might even be useful for those that create malware for phishing red team exercises.
An absolutely excellent post about penetration testing by maderas: Shared thoughts after 6+ years in Pentesting. The insight provided is astounding. I kept reading and thinking, “I love this quote and need to pull it out,” but I kept thinking that just about every 2-3 sentences or so.
One of my favorites, though, is this line about the process of pen testing an environment: “Always be advancing your position(s).” I love this quote, and while I haven’t thought this exactly myself, it fits. There were are times in a lab looking at a system or already having access, where I’m feeling stuck. The author makes a chess analogy, and while I like his better, I also in my mind make one: “What is my next goal, and what steps can I take to get there?” Imagine what success looks like (capturing a Queen, getting root on this system), and start going through the permutations of how to get there, while at the same time fending off other attacks, mistakes, and not giving away the goal to an opponent).
I really like this post, and I really like the attitude of the author. Prefers knowing the surgical, underlying tools rather than the paid commercial stuff (Hack Naked!). Towards the end, there are some links for further study in anonymization and tools.
Honestly, I really might just snag that whole post as text and put it into a folder for reading when I need some inspiration or perspective.
I didn’t know there was a Damn Vulnerable Raspberry Pi for IoT either!