Seeing Red: Tools of the Trade
This is part of a series of posts that walk through an attack.
In an ideal world, information security teams are comprised of both a dedicated Red Team (attackers or offensive side) and a Blue Team (incident responders or defensive side). I’ve never been part of a large enough security team that could dedicate full time employees solely to one team, so my roles have always included a bit of both. But I view this as a fortunate experience, because in order to truly value and understand each team, you must have experience in both.
Generally, most people are first attracted to information security because the idea of hacking and breaking things for a living is, well, cool. It’s what got me interested in the industry way back when, too. I started my own career focusing on penetration testing and being fascinated by the latest attack methodologies and tools. As I progressed, I became more interested in how to detect and defend against these attacks. Arguably, it’s more fun to break things without the responsibility of fixing anything than it is to identify gaps and respond to incidents. I’m always reminded of the fact that an attacker only needs to succeed once while a defender needs to succeed continuously.
But in order to become a better attacker or defender, you need to better understand the other side you’re up against. In this series of posts, we’ll be executing an attack to better understand what’s involved. In a future series, we will explore how to defend and detect against an attack.
Tools of the Trade: Kali Linux
Red Teams are spoiled with the variety of tools at their disposal. Seemingly everyday, a new script, tool, or application is released that further eases and automates a Red Team’s tasks. This makes sense, hacking is perceived as exciting and fun. After all, movies don’t show teams successfully defending attacks, they show the super cool hacker exercising flashy computer skills to bypass the most advanced defenses.
Further spoiling Red Teams, a collection of the best tools have been compiled into one easy to use Linux distribution known as Kali Linux. From the Kali website, “Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. Kali Linux contains a large amount of tools from various different niches of the security and forensics fields.”
The depth and quality of the tools is staggering and includes numerous applications for reconnaissance, exploitation, privilege escalation, exfiltration, and persistence. Perhaps the most well known Kali tool is the famous Metasploit Framework that houses an ever growing collection of high quality exploits that even novices can take advantage of. It’s no wonder that Kali is the most widely used distribution by both white hats and black hats alike. Throughout this series, we’ll be using a variety of Kali’s tools to illustrate how an attacker can execute a successful compromise.
So far, we’ve described Kali Linux and its capabilities. In the next part, we’ll start to get our hands dirty and perform reconnaissance on our target victim. If you’d like to follow along and try out some of the tools we’ll be discussing, go ahead and download your own copy of Kali. I’ll be running an instance of Kali using VMWare Fusion for Mac.