Red Teaming with tools from Hak5
First of all, all of the tools that I’ve purchased from Hak5 are items that I’ve purchased with my own money for use in my roles as an information security engineer.
Generally speaking, my day-to-day is a mixture of threat detection, incident response, and providing guidelines and guidance to keep our infrastructure secure. I did some red teaming in my previous roles, but it wasn’t anything formal: running things like wp-scan automatically against our WordPress instances to make sure that the developers hadn’t inadvertently kept in a plugin that should have been updated due to a security issue.
I do use a lot of tools to keep both our endpoints and our infrastructure safe and secure, but learning how to become a better red-teamer has been a passion of mine for a while. I’ve been acquiring tools and working on building up my skillsets by learning lock picking and other physical entry attack tools (like defeating RFID systems and door controllers, or making copies of keys with nothing more than a picture or based on sight), and at Luxottica, I was generally the go-to guy when they didn’t want to bother Asset Protection to get keys to something (or needed keys made – the ahem restricted cough cough key blanks were very easy to buy on eBay and I had a blue-punch that worked really really well with the Schlage system there). Once I’ve got into the building, I’ll want to ensure that I have continued access to the systems there, so I’ve gone down the road of purchasing things like the Screen Crab, LAN Turtle, and Key Croc so that I can see, capture, and analyze what the systems are doing.
I realize it’s easy to say, “Hey Ian, you can just use your ID card to get into the door,” but this is about providing visibility to everyone, for them to see how easy it is to get into the building and how physical access can still compromise systems. Since I’m doing this where I work, I know what these should be, but being able to tell an executive that one of these cables can capture their every keystroke and even install malicious programs is always an eye opener for them.
If you’re red-teaming and you’re not using Hak5 tools, I’d love to know what alternatives you’re using, or if you’re building your own.