SANS InfoSec Reading Room - Hackers

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Sandstorm Enterprises, Inc.

Featuring 11 papers as of May 23, 2013
PDF The User Agent Field: Analyzing and Detecting the Abnormal or Malicious in your Organization
By: Darren Manners (posted on February 7, 2012)
In the early days of the Internet, users had to type in text commands to navigate. Tools were later developed, E.g. early browsers, to be the "user's agent" so that commands did not have to be typed in to navigate -­&#8208; the user could simply click to navigate.
PDF Profiling Hackers
By: Larisa Long (posted on February 7, 2012)
Hacking without permission and authorization is considered illegal. But let's face it, that's why the subject of hacking is so appealing. But for much of the population, hacking is an elusive subject.
PDF Using Windows Script Host and COM to Hack Windows
By: Alex Ginos (posted on January 3, 2011)
During the exploitation phase of penetration testing, the attacker may establish a “beachhead” on a target machine by running an exploit against a vulnerable network service. Often this results in a command prompt. At this point, the question becomes: “How can the command line be used to advantage to access sensitive information, escalate privileges and find and attack other hosts?” There are numerous useful hacking tools that can help with this but initially they are unlikely to be present on the compromised system. The attacker needs to bootstrap the process of further discovery and exploitation using only the limited tools and privileges available at the command prompt. In some cases, it may be necessary to evade detection by avoiding suspicious executables that may be flagged by anti-malware software running on the target. This paper explores the possibilities of using command line scripting tools and software components that are likely to be present on most Microsoft Windows systems to facilitate penetration testing.
PDF Attack vs. Defense on an Organizational Scale
By: Omar Fink (posted on December 11, 2007)
PDF Three Different Shades of Ethical Hacking: Black, White and Gray
By: David Hafele (posted on May 2, 2004)
Corporations and other entities are faced with the unenviable task of trying to defend their networks against various types of intrusive attacks.
PDF The Brazilian Connection: Brazilian Defacement Groups Stake their Claim
By: Michael Poor (posted on October 31, 2003)
This paper takes look at three separate Brazilian hacker groups, two of whom were interviewed by the author of this paper.
PDF Can Hackers Turn Your Lights Off? The Vulnerability of the US Power Grid to Electronic Attack
By: Jonathan Stidham (posted on October 31, 2003)
This paper addresses specific areas of vulnerabilities within the U.S. power grid, and suggests an overall strategy and some specific actions appropriate for these vulnerabilities.
PDF Crossing the Line: Ethics for the Security Professional
By: Scott Carle (posted on October 31, 2003)
This paper briefly talks about several systems of ethics and then we will apply them to situations that we as IT security personnel face.
PDF The Fundamentals Of Computer HACKING
By: Ida Mae Boyd (posted on October 31, 2003)
This paper outlines the steps that a hacker must follow to make a foot print of an organization.
PDF Corporate LAN Intranet Server Compromise
By: Jason DePriest (posted on May 22, 2001)
A detailed account of how one company's Intranet server administrator tested his organization's server security by successfully hacking into the server.
PDF Hacking: The Basics
By: Zachary Wilson (posted on April 4, 2001)
The basics of IT security for less security conscious IT professionals and end-users on exactly who is out there and what they are doing to get in.
SANS Reading Room

It was the most interesting and educational training I've ever attended. I learned more in this week than in the past year.
-Michael McAndrews, Irwin Mortgage Corp.

SANSFIRE 2013 - Washington

Latest Whitepapers

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Setting Up a Database Security Logging and Monitoring Program
By Jim Horwath

Latest Tweets

Excellent blog post by @MarkBaggett on pen testing MS SQL vi [...]
May 22, 2013 - 7:39 PM

#appsec "WhatWorks in AppSec: Log Forging" http://t.co/Gsq91O7UAH
May 22, 2013 - 10:00 AM

DFIR Webcast starts in 75 minutes - 50 Shades of Hidden - Di [...]
May 17, 2013 - 3:46 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health & Security

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee