I’m not a penetration tester, although I did do that for a while but I was more on the social engineering side (which often requires some form of delivery mechanism and payload for the mark to execute).
I’m now a manager of blue team capabilities (detection using correlation, analytics and hunt; cyber threat intelligence collection, analysis and dissemination; triage and investigation; and often a bit of digital forensics and incident response). My team have been involved in doing this for about 25 of the FORTUNE 100 organisations - don’t know if this mailing list gets publicly archived so I can’t say who.

In order to be a good blue teamer, you need to understand the attack vectors, methodologies and motivations of the (red) attacker - hence knowing how to do stuff like this.

If you’re interested in knowing how to conduct a good pentest, the Penetration Testing Execution Standard (PTES) is a good resource; to learn about the attack vectors, you can’t go wrong with the MITRE ATT&CK Framework; and, finally, one of the most respected exams in this area is the Offensive Security Certified Professional (OSCP), which is from the makers of the Kali Linux penetration testing distribution - be warned, the training is only a starting point for what you need to know, so if you sign up for their 90 days lab and access to training, you’ll go down lots of rabbit holes around learning assembly, reverse engineering, etc. to an extent you’ll need to read a couple of books on each topic to do well in the 24-hour hands-on exam (with another 24 hours to finalise and submit the report).

If anyone is considering a career in cyber security and I’m not abroad (which is why I can’t attend many of the meetings) I’m happy to share any advice.

Regards
James

> On 1 Oct 2018, at 10:39, Ralph Corderoy <ra...@inputplus.co.uk> wrote:
>
> Hi James,
>
>> You can always write a script in Python using scapy to spam ARP
>> broadcasts with the IP address associated to the MAC you want. Most
>> network stacks will blindly take this and throw out the one they have
>> cached.
>
> nping(1) should also be able to put fake ARP replies onto the wire for
> those that want to play at home.
> http://declinesystems.blogspot.com/2012/07/man-in-middle-with-nping.html
>
> Cheers, Ralph.
>
> --
> Next meeting at *new* venue: Bournemouth, Tuesday, 2018-10-02 20:00
> Check if you're replying to the list or the author
> Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/
> New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
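
Added example, not part of the original e-mails: a detection-side sketch for the behaviour the thread describes, where a host accepts an ARP reply and replaces its cached entry. It parses raw Ethernet/ARP frames and reports any sender that claims an IP already bound to a different MAC; the function names, the first-seen baseline policy and the sample frames are assumptions constructed for illustration.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def ip(b):
    return ".".join(map(str, b))

def parse_arp(frame):
    """Parse an Ethernet II frame carrying IPv4 ARP; return None for anything else."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, _tha, _tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"eth_src": mac(frame[6:12]), "op": op, "sha": mac(sha), "spa": ip(spa)}

def find_rebinds(frames):
    """Return alerts for conflicting IP-to-MAC claims in a sequence of frames."""
    baseline, alerts = {}, []
    for n, frame in enumerate(frames):
        arp = parse_arp(frame)
        if arp is None:
            continue
        # The Ethernet source and the ARP sender field should agree.
        if arp["eth_src"] != arp["sha"]:
            alerts.append((n, "sender-mismatch", arp["spa"], arp["sha"]))
        # Keep the first binding seen, so later conflicting claims are
        # reported instead of silently replacing the cached entry.
        known = baseline.setdefault(arp["spa"], arp["sha"])
        if known != arp["sha"]:
            alerts.append((n, "rebind", arp["spa"], arp["sha"]))
    return alerts

def make_frame(src, op, sha, spa, tha, tpa):
    """Build a constructed sample frame in memory (nothing is sent)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (b"\xff" * 6 + raw(src) + b"\x08\x06"
            + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + raw(sha) + bytes(map(int, spa.split(".")))
            + raw(tha) + bytes(map(int, tpa.split("."))))

# Constructed sample capture; all addresses are made-up test values.
GW, HOST, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:99"
SAMPLE = [
    make_frame(HOST, 1, HOST, "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
    make_frame(GW, 2, GW, "192.0.2.1", HOST, "192.0.2.10"),
    make_frame(OTHER, 2, OTHER, "192.0.2.1", HOST, "192.0.2.10"),
    make_frame(OTHER, 2, OTHER, "192.0.2.1", HOST, "192.0.2.10"),
]
```

Legitimate events such as a replaced network card or a failover pair also change a binding, so alerts like these need triage against known changes before they are treated as spoofing.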