SANS InfoSec Reading Room - Scripting Tips

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

HPEnterpriseSecurity1

Featuring 5 papers as of May 19, 2013
PDF Using Windows Script Host and COM to Hack Windows
By: Alex Ginos (posted on January 3, 2011)
During the exploitation phase of penetration testing, the attacker may establish a “beachhead” on a target machine by running an exploit against a vulnerable network service. Often this results in a command prompt. At this point, the question becomes: “How can the command line be used to advantage to access sensitive information, escalate privileges and find and attack other hosts?” There are numerous useful hacking tools that can help with this but initially they are unlikely to be present on the compromised system. The attacker needs to bootstrap the process of further discovery and exploitation using only the limited tools and privileges available at the command prompt. In some cases, it may be necessary to evade detection by avoiding suspicious executables that may be flagged by anti-malware software running on the target. This paper explores the possibilities of using command line scripting tools and software components that are likely to be present on most Microsoft Windows systems to facilitate penetration testing.
PDF Capturing and Analyzing Packets with Perl
By: John Brozycki (posted on January 28, 2010)
The steps in setting up a Windows system with Perl and the necessary add-ons to be able to run and create packet capturing Perl scripts.
PDF Practical PERL for Security Practitioners
By: Holt Sorenson (posted on March 25, 2004)
This paper introduces PERL as a useful, flexible, and extensible tool for the security practitioner. References to resources are provided so that the reader may expand their knowledge beyond the concepts presented here.
PDF Using Scripts to Exploit and Mitigate Risks
By: Robert G. Rodriguez (posted on February 5, 2004)
This paper discusses how scripts can best help you and your unique situations by covering some of the commands that really make a script what it is; powerful.
PDF Using The WinBatch Scripting Language To Automate Security In An NT4 Environment
By: Terry Chapman (posted on October 31, 2003)
In this document I will endeavor to guide you through a couple of relatively simple scripts in order to demonstrate that getting started with scripting is not as a daunting task as you may have considered.
SANS Reading Room

SANS courses bring the best of the best to one place to learn cutting edge information.
-Jeremy Baca, LMIT at Sandia National Labs

SANSFIRE 2013 - Washington

Latest Whitepapers

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Setting Up a Database Security Logging and Monitoring Program
By Jim Horwath

Latest Tweets

DFIR Webcast starts in 75 minutes - 50 Shades of Hidden - Di [...]
May 17, 2013 - 3:46 PM

New blog post by @yorikv on pen test tips for file analysis. [...]
May 16, 2013 - 5:07 PM

New Blog Post: SANS EU #DFIR Summit in Prague - Call for Spe [...]
May 16, 2013 - 12:33 AM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health & Security

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP