
Why Do These Attacks Work So Well?
Why do these attacks work? Why would anyone create these powerful tools to exploit these vulnerabilities and common misconfigurations? Why would you teach someone how to do such destructive things? One misunderstanding is that when we build out the labs to do these stories, we’re downloading dangerous, malware-like software that would be toxic to our network should it get loose. That couldn’t be further from the truth.
In this series by STEALTHbits, all the tools are developed by people trying to do good, are quite stable, and are only really dangerous if you use them to do something bad. The people who make these tools are mostly penetration testers working to keep the bad guys out by outsmarting them before they even know they are in a contest. These tools do get used by the bad guys for sure, but the hope of their creators is that by the time the bad guys are using their tools, it’s too late because the tools have done their job. That job is to expose where things aren’t secure enough, so people can get themselves into a better security posture and make sure the bad guy showing up with the same tool won’t stand a chance.