Continuing the tour of my Github (npub1545…mva5) projects, the #TacticalExploitation toolkit deserves to be mentioned. It's now a bit old, but I believe the concept still applies, and very much so.
https://github.com/0xdea/tactical-exploitation
"The Other Way to Pen-Test" -- HD Moore (npub18pc…787r) & Valsmith (npub14pv…jqkx)
I've always been a big proponent of a tactical approach to #PenetrationTesting that doesn't focus on exploiting known software #vulnerabilities, but relies on #OldSchool techniques such as #InformationGathering and #BruteForce. While being able to appreciate the occasional usefulness of a well-timed 0day, as a veteran penetration tester I favor an exploit-less approach. Tactical exploitation provides a smoother and more reliable way of compromising targets by leveraging process vulnerabilities, while minimizing attack detection and other undesired side effects.
Since a few years, I've meant to give a talk on this very subject, with the working title of "Empty Phist Style - Hacking Without Tooling" (inspired by the grugq (npub18ym…460u)). Sooner or later it will happen.
Marco Ivaldi /
npub137…u50fd
2024-09-20 07:17:52
Author Public Key
npub137swhpts57chhtgttt4tm23qprkjw7dh87v3fgck8sgyu8q0zy0q7u50fdPublished at
2024-09-20 07:17:52Event JSON
{
"id": "04191b2b7e0f337608513257990ac6951b286ed9c8ebcbfd1cca9dd612dbe09c",
"pubkey": "8fa0eb8570a7b17bad0b5aeabdaa2008ed2779b73f9914a3163c104e1c0f111e",
"created_at": 1726816672,
"kind": 1,
"tags": [
[
"p",
"3936e8b932cf34af41ba1961acfd8d8b3ea8abe3dce02cb6dc3170af50d89662"
],
[
"p",
"a858115a0275bb70aa0e983d97e593a88b2426cf14096aa9b645e07d3c9e109d"
],
[
"t",
"tacticalexploitation"
],
[
"t",
"oldschool"
],
[
"t",
"bruteforce"
],
[
"p",
"a5699a602ad22f9ce3314216c8ef605e03a0f58654249dc86f571e0a2c1f35c7"
],
[
"t",
"penetrationtesting"
],
[
"p",
"38710f1c39a6351a46a073049a61e8eaf39e14168a2a81a2549950699dcbb9d9"
],
[
"proxy",
"https://infosec.exchange/@raptor/113168657459325644",
"web"
],
[
"t",
"informationgathering"
],
[
"t",
"vulnerabilities"
],
[
"proxy",
"https://infosec.exchange/users/raptor/statuses/113168657459325644",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/raptor/statuses/113168657459325644",
"pink.momostr"
],
[
"-"
]
],
"content": "Continuing the tour of my nostr:npub1545e5cp26gheece3ggtv3mmqtcp6pavx2sjfmjr02u0q5tqlxhrse8mva5 projects, the #TacticalExploitation toolkit deserves to be mentioned. It's now a bit old, but I believe the concept still applies, and very much so.\n\nhttps://github.com/0xdea/tactical-exploitation\n\n\"The Other Way to Pen-Test\" -- nostr:npub18pcs78pe5c63534qwvzf5c0gateeu9qk3g4grgj5n9gxn8wth8vsek787r \u0026 nostr:npub14pvpzkszwkahp2swnq7e0evn4z9jgfk0zsyk42dkghs860y7zzwsf5jqkx \n\nI've always been a big proponent of a tactical approach to #PenetrationTesting that doesn't focus on exploiting known software #vulnerabilities, but relies on #OldSchool techniques such as #InformationGathering and #BruteForce. While being able to appreciate the occasional usefulness of a well-timed 0day, as a veteran penetration tester I favor an exploit-less approach. Tactical exploitation provides a smoother and more reliable way of compromising targets by leveraging process vulnerabilities, while minimizing attack detection and other undesired side effects.\n\nSince a few years, I've meant to give a talk on this very subject, with the working title of \"Empty Phist Style - Hacking Without Tooling\" (inspired by nostr:npub18ymw3wfjeu627sd6r9s6elvd3vl232lrmnszedkux9c275xcje3qpu460u). Sooner or later it will happen.",
"sig": "c42ac1a70ec4a9d765ec6888cd8b00d31f48dd45ab986978de10756c1eeac41eb660680d4375bc1b0f6a88c84e3879d07174b63fe06ef9aafcb83ba51244091d"
}