The Fun House - Part 2

Continues from Part 1.

While I was calling the guys at the office I decided to check the sniffer. I browsed the captured packets and to my surprise I saw a couple of netbios connections. Working backward and running a bunch of tools I managed to decrypt the credentials used to connect to those computers. One was a user and the other was an administrator.

Now I not only had two backdoors on their internal network, but also I had an admin password. Administrator to what, I still didn't know at this point.

The next day at the office we were getting plenty of unrestricted access to the customer's network. The first thing we tried was to find the email server and see of we can have access to the top execs emails. While I was looking for the server, one of the guys in the team found the domain controller and when he tried the admin account I captured the previous day he found out it worked. Yes, now we had the domain controller under our, well, control. We have control of the domain and we can impersonate the administrator.

It was time to start having fun.

The concept of adaptive decision-making is best understood as the mental process of effectively reacting to a change in a situation. In the simplest terms, it refers to problem-solving. There are three major factors involved. First, the essence of the concept is a behavior change. Obstinately continuing a course of action despite significant changes in the circumstances is not adaptive even if it is effective. Second, whatever responses are employed must be effective. It makes no sense if they make things more difficult. Lastly, any response must be in reaction to a change of circumstances. Change for its own sake is not adaptive.

Course Review: CAI Stealth Building Entry Course | Loadout Room →

As part of pre-deployment training, I had the chance to attend the Stealth Building Entry Course run by George Carey of Carey and Associates International. George Carey has 34 years of law enforcement experience and 25 years of tactical experience. He has worked with a number of government agencies over the years and is widely regarded is the leader in the field of covert entry training.

Covert barrier penetration and stealth entry techniques are taking their place along side mechanical and explosive breaching as essential tools for Special Forces. One of George’s mantras is “Preserving The Element Of Surprise”. Gaining undetected access can make reconnaissance more effective and allow you to prepare the objective for a swift and silent approach.

David Cowen: Running a Successful Red Team

As the red team captain for the National Collegiate Cyber Defense Competition (NCCDC) since 2007 Mr. Cowen has learned a lot on how to effectively coordinate a red team across multiple teams and objectives. In this presentation we will go over lessons learned, what’s effective, what you would think is helpful but hurts and how to get a team of normally solo super stars to become a team of super friends.

"Schneier’s Maxim #1 (Don’t Wet Your Pants Maxim): The more excited people are about a given security technology, the less they understand (1) that technology and (2) their own security problems."

Psychology And Advertising

Can you say social engineering? Check the video. It's a good one.

Mini pry-bar and titanium SERE Pick bogota lock picks

Lightweight tools of the trade

Red Teaming for Program Managers | IDART →

Red teaming or adversary-based assessment is a flexible tool that program managers use to understand threat and to deliver components and systems that achieve their mission in hostile environments. Red teaming methods apply across the full life-cycle from concept through retirement.

Do you have a Red Team? | Associate's Mind →

Red Teams are heretics. They try to buck expectations and throw a monkey wrench into solidified plans with little manpower and small resources. Red teams are generally smaller, underfunded, and placed at a disadvantage from the get-go. All things being equal, they are supposed to lose.

But a Red Team’s weaknesses also give rise to: creative problem solving, lateral thinking, intense team cohesion, strategic surprise, deconstruction of dogma. Essentially, a Red Team takes the role of advocate for a disadvantage adversary. Which is exactly what you need to cultivate within your office heading into litigation. Especially when you feel confident about your case.

Be sure to check the Eight Core Principles of Red Teaming on the same article.

"The efficacy of security is determined more by what is done wrong than by what is done right. (Because the bad guys typically attack deliberately and intelligently, not randomly.)"