About

About the Book

To give you a little insight, the book is the second version of "The Hackers Playbook: Practical Guide to Penetration Testing" and it really is a compilation of everything I've learned in my pentesting career. You might ask how is this any different... and I thought a lot about that when I was writing the book.

Instead of focusing on a lot of the basic features of tools, I focused on different methodologies I've learned and used in my past. Another example is that some of the tools that I do use in the book are commercial tools, such as Burp Suite Professional. In addition, in the reporting sections, I try to get the reader to really produce Customer Reports that are valuable. For example, don't report a Secure Flag/HTTPOnly Cookie issue as a High if those cookies aren't being used for the session. I go into more detail about rating your vulnerabilities properly and what really I feel the client is looking for.

This second version of The Hacker Playbook takes all the best "plays" from the original book and incorporates the latest attacks, tools, and lessons learned. Double the content compared to its predecessor, this guide further outlines building a lab, walks through test cases for attacks, and provides more customized code.

So, what’s new? Some of the updated attacks from the last year and a half include:

  • Heartbleed
  • ShellShock
  • Kerberos issues (Golden Ticket/Skeleton Key)
  • PTH Postgres
  • New Spear Phishing
  • Better/Cheaper Dropboxes
  • Faster/Smarter Password Cracking
  • New WIFI attacks
  • Tons of PowerShell scripts
  • Privilege Escalation Attacks
  • Mass network compromises
  • Moving laterally smarter
  • Burp Modules
  • Printer Exploits
  • Backdoor Factory
  • ZAP Proxy
  • Sticky Keys
  • NoSQL Injection
  • Commercial Tools (Cobalt Strike, Canvas, Core Impact)
  • Lab sections
  • And so much more

In addition to describing the attacks that have changed in the last couple years, I have attempted to incorporate all of the comments and recommendations received from readers of the first book into this second book. A more in-depth look into how to set up a lab environment in which to test your attacks is also given, along with the newest tips and tricks of penetration testing. Lastly, I tried to make this version easier to follow since many schools have incorporated my book into their curricula. Whenever possible, I have added lab sections that help provide a way to test a vulnerability or exploit.

Here are the chapter breakdowns (Like a Football Playbook):

  • Pregame: This is all about how to set up your lab, attacking machines, and the tools we will use throughout the book.
  • Before the Snap: Before you can run any plays, you need to scan your environment and understand what you are up against. We will dive into discovery and smart scanning.
  • The Drive: Take the vulnerabilities which were identified from Before the Snap and start exploiting those systems. This is where we get our hands a little dirty and start exploiting boxes.
  • The Throw: Sometimes you need to get creative and look for the open target. We will take a look at how to find and exploit manual web application findings.
  • The Lateral Pass: After you have compromised a system, we will discuss ways to move laterally through the network.
  • The Screen: A play typically used to trick the enemy. This chapter will explain social engineering tactics.
  • The Onside Kick: A deliberately short kick that requires close distance. Here, I will describe attacks that require physical access.
  • The Quarterback Sneak: When you only need a couple of yards, a quarterback sneak is perfect. Sometimes you will get stuck with antivirus (AV); this chapter describes how to get over those small hurdles by evading AV.
  • Special Teams: Cracking passwords, exploits, NetHunter and some tricks.
  • Two-Minute Drill: You have only two minutes on the clock and you need to go from no access to full domain admin.
  • Post-Game Analysis: Reporting your findings.