DeadDropSF - Better Red Than Dead
•Download as PPTX, PDF•
1 like•283 views
Tools, techniques, and war stories from the security researchers at Bishop Fox. Feel the power to brute-force subdomains, with accuracy, at the rate of the entire English dictionary in less than 90 seconds. Learn to fly the DangerDrone, a pentesting quadcopter that takes wireless hacking and remote code execution to the sky. And, most importantly, learn advanced red team techniques from the dark side. In this talk, we’ll share a few of our favorite stories from the frontlines as well as our choice of tools for reconnaissance, physical attacks, and evasion techniques. We’ll also demonstrate tools such as GoGoDNS, the Tastic RFID Thief, and, yes, even the Danger Drone. You’ll walk away with insight into how to be a better security professional and how to ensure you’re enabled to simulate the latest emerging threats.
Recommended
More Related Content
Similar to DeadDropSF - Better Red Than Dead
Similar to DeadDropSF - Better Red Than Dead (20)
More from Rob Ragan
More from Rob Ragan (13)
Recently uploaded
Recently uploaded (20)
DeadDropSF - Better Red Than Dead
- 1. BETTER RED THAN DEADELEGANT WEAPONS FOR A MORE CIVILIZED AGE October 26, 2017
- 2. 22 Rob Ragan • Managing Security Associate • Loves to wear yoga pants • Once won a staring contest with his own reflection • @sweepthatleg Kelly Albrink • Security Analyst • Likes long walks on the breach, shell collecting • Bleeds Pumpkin Spice Lattes • @Justified_Salt ABOUT US @BISHOPFOX Who We Are
- 3. WHAT IS RED TEAMING? WHAT WE’LL DISCUSS TONIGHT
- 4. 44 What Is Red Teaming? RED VS WHO
- 5. 5 Red teaming is the practice of viewing a situation from the adversary perspective.
- 6. WHY WOULD YOU RED TEAM? WHY IS IT EVEN A THING
- 7. 77 Elevate Your Security Maturity DON’T GRADE YOUR OWN HOMEWORK
- 8. WHAT ARE WAYS OF RED TEAMING? FROM NOVICE TO EXPERT
- 9. 99 WOULD YOU LIKE TO PLAY A GAME? Tabletop Exercises • Inexpensive form of red teaming • Evaluates the IR plan and team readiness • Threat modeling matures security processes • Make if fun, engaging, memorable
- 10. 1010 DEFINE YOUR SECURITY OBJECTIVES Threat-Based Simulations • The attackers the system should protect against • The prohibited actions these attackers should not be able to perform • The response the system should exhibit instead of allowing the attack • The initial configuration the system must be in, for protection and response to occur
- 11. 1111 ALWAYS BE MONITORING ASSET CHANGES AND VULNERABILITIES Continuous Security Assessment
- 12. HOW DO WE GET IN? SITH TRICKS
- 13. 1313 STEAL THE SOURCE CODE HOW TO: Heist
- 14. 1414 BRUTE FORCE AT LUDICROUS SPEED GoGoDNS • Wanna go fast? • Use UDP • Split your requests from your responses • Resolve 100K+ wordlists in under 90 seconds
- 15. 1515
- 16. TASTIC RFID THIEF AS SEEN IN “MR. ROBOT”
- 17. 1717 DOES ANYONE IN THE AUDIENCE HAVE AN RFID-BLOCKING WALLET, BY CHANCE? Tastic RFID Thief • *THE* RFID hacking tool • Use the Tastic to extract RFID badge information • Then clone & infiltrate • Takes physical penetration tests to a whole new level
- 18. 1818
- 19. DANGER DRONE “I FEEL THE NEED … THE NEED FOR SPEED!”
- 20. 2020 • The $500 pentesting drone • Appeared at Black Hat USA + DEF CON 25 • Now, your pentests are no longer limited by physical boundaries OWN THE SKY Danger Drone
- 21. 2121
Editor's Notes
- Speaker notes: Performed hundreds of targeted web application and network assessments since 2010 Assisted with high profile Lulzsec incident response Identified weaknesses around blockbuster media assets Performed assessment activities after Iranian Cyber Army breach Led secure coding training for thousands of developers --- Template notes: Make sure to change the subheading on this slide/all slides. Include all members involved on the BF team. Include all relevant and high-profile individuals on the client-side. If the Project Details is lacking, reach out to your PM to ensure all client personnel are listed on this slide. Make sure the correct job titles are used If you need to fit more names, insert another slide with this layout and use two slides for this part. Keep the company logos to a smallish size and keep them closer to company names than not. But don’t squish everything together. Make sure the top of the logo lines up with the gridline
- First off, why are we even here? What does red teaming mean? // https://www.forbes.com/sites/christieterrill/2017/03/30/how-to-use-red-teaming-in-your-cybersecurity-program/#3991852275a4
- Speaker notes: Is it about social engineering? Is it about not getting caught? Is it about choosing the right tool for the job? Is it about being ready for anything?
- Or is it about training yourself to think differently? That’s it. It’s about forming a team of stakeholders to practice thinking like the enemy. There are many ways to do this. There are no scientifically proven right or wrong ways to red team. It doesn’t have to be: Universal scope Covert Social engineering focused It should be designed to get what YOU want out of it. Tailored to your level and audience. Get all your stakeholders together first and clearly define what that means to the team before you start.
- Speaker notes: Ask for an outsider expert opinion to: Prepare for a security incident (battle) Explore a specific cyber attack scenario Simulate a breach --- Template Notes: Make sure that the icons are located in relation to the activity performed – internal pentest = inside yellow perimeter, external pentest = outside yellow perimeter, etc. The goal here is to talk about the scope and approach of the activities. Ex: Social Engineering Target of 200 Acme employees Use email, phone, and website phishing techniques External Pen Testing Internet-facing IP addresses that we discovered Real-world attack simulation focused on identification and exploitation Identifying application attack surface Automated vulnerability scanning combined with manual validation Exploitation of application vulnerabilities, insecure configurations, and design flaws. Design Guide Yellow RGB (255, 205, 0)
- If you’re new to red teaming? Try keeping it lightweight at first.
- Simulate some threats that you think you’re ready to beat in a fight.
- Map the entire galaxy, or at least your network, applications, locations, and people. [Show Mind Map]