I don't understand why companies continually remove social-engineering and client-side attacks from scope. I think it's great that companies are getting their applications and external networks pentested, but attackers are and have always been getting into companies. How? By having your employees run malware on their machines.
0-days are great. They also aren't the most used method of gaining access to your system. In personal experience, I've almost ALWAYS had a user run benign 'malware' just as a proof of concept. Because of this, I think I'm going to start and jump into malware development and analysis. Humans are stupid, and I'll exploit that.
I'm going to start by reading http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901. Really looking forward to this read and the hands on labs. I also hope to come up with all types of malware examples to use on a pentest. If I don't ever use them but you do (legally), please share with me your experiences and let me taste your victories.
Note: This is a random blog post. Mostly a reminder for me why I'm doing this again.
No comments:
Post a Comment