Offensive Countermeasures: The Art of Active Defense
by John Strand 2013
| Notes |
|---|
| Accenture |
| Northrop Grumman |
| SANS |
| Ed Skoudis |
| BHIS |
| offensive countermeasures |
| attribution |
| hacking back |
| DoS |
| ISP |
| Title 18 1362 |
| Heckenkamp (sk8) |
| eHippie vs. WTO |
| Low Orbit Ion Cannon |
| Rustock |
| Waledac |
| Kelihos |
| CFAA |
| Cyber Security Enhancement Act of 2002 |
| Computer Misuse Act (UK) |
| warning banners |
| VPN |
| intellectual property |
| NPR |
| Count Zero - William Gibson |
| OODA loop |
| XSS |
| SQL injection |
| OWASP |
| PHPIDS |
| The Art of War |
| Commodore 64 |
| User-Agent |
| bugs triggered by User-Agent |
| script kiddie |
| categorizing attackers |
| Nikto |
| Acunetix |
| DNS from hell |
| zone transfer |
| security through obscurity is actually good |
| DNS cache |
| fuzzing attack tools |
| Sulley |
| random URL generators vs. crawlers |
| W3AF |
| Spidertrap |
| dirbuster |
| wordlist |
| Weblabyrinth |
| PHP |
| ASP/.NET |
| 403 |
| 404 |
| 402 payment required |
| Alice in Wonderland |
| MySQL |
| Adminer |
| UNIX timestamp 1 January 1970 |
| Metasploit |
| Meterpreter |
| infinitely recursive directories |
| “Auditing Windows Server 2008 File and Folder Access” |
| honeypot |
| research and production honeypots |
| warez |
| 0-day |
| Nova Project (honeypots) |
| nmap |
| WinPcap |
| Sega Dreamcast |
| AS/400 |
| LaBrea Tarpit |
| honeytables |
| SQLmap |
| blind SQLi |
| honeyports |
| honeyport.ps1 |
| PowerShell |
| Artillery |
| iptables |
| Set-ExecutionPolicy Unrestricted |
| TrustedSec |
| Dave Kennedy |
| ifconfig |
| telnet command |
| Artillery is a polling file integrity monitor |
| syslog |
| BearTrap |
| Ruby |
| YAML |
| FTP |
| Tor |
| proxychains |
| TORProxy |
| Nessus |
| JavaScript |
| Java |
| Word |
| Decloak - HD Moore |
| Flash |
| Decloak custom DNS server |
| Word Web bugs |
| ISP |
| Social Engineer’s Toolkit (SET) |
| BeEF |
| AV bypassing |
| robots.txt |
| Googlebot |
| Yahoo |
| karma attacks - wifi |
| Claymore portscanner wifi |
| WiFi deauthing |
| 802.11 |
| MDK3 |
| void11 |
| i love my neighbors wifi |
| whoami |
| honeyloader - geolocation via nearby APs |
| PushPin social media |
| Network Access Control (NAC) |
| Data Loss Prevention (DLP) |
| Einstein’s definition of insanity |
| Conficker |
| Blaster |
| Zotob |
| RPC |
| SMB |
| Hyena - installed applications |
| wmic |
| SCCM |
| defense in depth |
| firewall |
| netsh firewall |
| software restriction policies |
| firewall bypass |
| TCP fragmentation |
| fragroute |
| IPv6 |