Recently, when talking to some friends who are still enjoying the art of breaking in by being part of a red team, I was reminded by them how much more difficult initial access has gotten. I decided to write up some old stories in a bit more detail and, well, admit that when companies implement advice and do stuff, cyber does have an impact.
If you are interested in similar blogs about how ‘easy’ things used to be, feel free to read this and this. Anyhow, enjoy the (hopefully) short stories. Oh and well, euhm, some might not be strictly about initial access; after all, we are pretending we are the bad guys, right? So why not go directly for the objectives, even if that breaks some kill chains ;)
The thing that I liked the most about initial access was mostly thinking about the true objective of the assignment, since this determined if phishing was the most appropriate way to get there or not.
And as always with these stories, I’ve mixed up some details, so they are not exact replicas of the events, to protect stuff. Many thanks to all my team members from back then; we had such a blast when brainstorming on yet another approach to get that first initial access.
- 0days, since they are all the hype
- Slowly does it, no need to hurry
- Typosquatting email catch-all pays off
- Pivoting of their-ish website
- iPads are for executives and curious people