BREAKING & ENTERING

A Pocket Guide for Friendly Remote Admins

 

Give yourself an additional boost on your next penetration test – or capture-the-flag competition – with “Breaking & Entering: A Pocket Guide for Friendly Remote Admins” created by Bishop Fox Senior Analyst Andy Doering.

 

 

Download the first edition here:

What's inside:

Previously introduced at DEF CON 29, “Breaking & Entering” is designed to be an easy-to-consume, user-friendly resource for sysadmins, penetration testers, and other security professionals. It provides readers with a comprehensive offensive security roadmap, covering every phase of an engagement from beginning to end. Discover techniques and shortcuts for conducting OSINT and reconnaissance, host enumeration and post-exploitation, secure pivoting (tunneling), and exfiltration.

Other things you’ll find within the guide include the following:

  • Information on how Google hacking (or “Google Dorking”) can allow you to level up your OSINT efforts
  • A thorough initial list of commands for investigating a host system
  • An SMB/Kernel version chart for matching enumerated information to system versions, common registry locations
  • Useful technical documentation references like NIST publications and tunneling worksheets
CTF-Pocket-Guide-Lander-View-1

DOWNLOAD THE FIRST EDITION


We are also working on a v2 of “Breaking & Entering,” which will include new focuses on cloud security and Shodan searching. If you have any suggestions for how to make the guide a more useful reference, please reach out to us at contact@bishopfox.com.

“Breaking & Entering” is a free and dynamic resource meant to benefit the greater security community.

CTF-Pocket-Guide-Lander-View-2
 

ABOUT THE AUTHOR

Andy Doering

Andy Doering (@andydoering) is a Senior Analyst with Bishop Fox’s Continuous Attack Surface Testing (CAST) team. Prior to his time at Bishop Fox, he served as a Non-Commissioned Officer in the U.S. Army where he worked as a Senior Exploitation Analyst and Training Lead, developing a specialization in Computer Network Operations (CNO), Digital Network Analysis (DNA), and Intelligence Surveillance and Reconnaissance (ISR). Outside of work, he spends his time between being a full-time cat dad, part-time plant dad, designing, brewing beer, wine, and coffee, and working with custom keyboards.