Security Testing with Kali NetHunter by Daniel Dieterle
Author:Daniel Dieterle [Dieterle, Daniel]
Language: eng
Format: epub, azw3
Published: 2017-06-28T05:00:00+00:00
Conclusion
In this chapter, we covered turning our smartphone into a HID attack device. We saw how our phone can be configured to send any Windows based commands to the target when connected via USB by sending individual keystrokes one at a time. We also covered a more advanced attack using PowerShell and an additional attack computer. We saw how using a HID attack with PowerShell allowed us to redirect the target system to an external system and create a remote shell.
Hopefully you can see that HID attacks can be very powerful. This avenue of attack could be very useful for a red team member or pentester who is onsite and wants to connect a target system to another Kali system located outside the company. Because Anti-Virus systems don’t normally scan keyboard input for attacks, it is imperative to protect physical access to devices or disable USB ports when they are not needed. Though some AV companies will detect the Metasploit payload used in the PowerShell example, as well as some Intrusion Detection Systems. This brings home the importance of using Network Security Monitoring, you are using NSM at your company, aren’t you?
Download
Security Testing with Kali NetHunter by Daniel Dieterle.azw3
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(6620)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(6344)
Machine Learning Security Principles by John Paul Mueller(6310)
Attacking and Exploiting Modern Web Applications by Simone Onofri & Donato Onofri(5985)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(5944)
Solidity Programming Essentials by Ritesh Modi(4061)
Microsoft 365 Security, Compliance, and Identity Administration by Peter Rising(3703)
Operationalizing Threat Intelligence by Joseph Opacki Kyle Wilhoit(3431)
Mastering Python for Networking and Security by José Manuel Ortega(3359)
Future Crimes by Marc Goodman(3351)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Blockchain Basics by Daniel Drescher(3308)
Learn Computer Forensics - Second Edition by William Oettinger(3190)
Incident Response with Threat Intelligence by Roberto Martínez(2919)
Mobile App Reverse Engineering by Abhinav Mishra(2889)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2873)
The Code Book by Simon Singh(2832)
Building a Next-Gen SOC with IBM QRadar: Accelerate your security operations and detect cyber threats effectively by Ashish M Kothekar(2801)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2785)
