
Do not be a Fanboy be a Hacker and Remove the Blinders

One of the things I have been seeing a lot lately is people claiming that Metasploit is better than Core, that Core is better than Canvas, and vice versa, and the same for Nmap, Portbunny and Unicornscan and many other tools available out there. This type of thinking is a bit worrisome, especially since the people who say this should be rational people who understand the workings of the tools and their limitations and advantages. One of the first things I was taught when learning about weapons is never to call a weapon “Baby”, “Toy” or any other nickname; just call it a tool. That lesson stuck with me for many things in my personal life and my professional life. Software and hardware are just tools; each has its advantages and its drawbacks. The more tools one can master, the more flexible one becomes, especially since you will be able to choose the right tool for the right moment, and it will also give you the ability to verify your results. No matter how good tools are, they are written by human beings; heck, this is the main reason those of us who work in security have a job to do, since humans are not perfect and we live from that imperfection. To this day I have not seen one single tool that does not generate a false positive or a false negative at any given time. This notion of mastering different tools is of great importance for a pentester in general, since engagements are not only limited in time but also limited in scope and have rules of engagement that limit what he can do, so having the flexibility to do the job in a fast and accurate manner is of great value.
Not only should this apply to tools but also to operating systems. I have seen people for whom if it is not Linux it does not exist, and the same in the Windows camp. There are times when getting a tool onto one system might take several more steps, while on the other it is super simple. Virtualization has helped a lot to minimize this gap by allowing the user to have several operating systems to host his tools and to test before committing an action against a customer system. Mastery of the basics and the concepts makes the difference between being a script kiddie and a true security professional; this mastery of the concepts and tools is what really gives the flexibility of choosing the right tool for the job.

Carlos Perez

Carlos is currently the Principal Consultant, Team Lead for Research at TrustedSec and well-known for his research on both Metasploit and Windows Powershell. His blog www.darkoperator.com carries the tag line: “Shell Is Only The Beginning”.
