Toolkit Prep
Welcome to the module on toolkit creation. A toolkit is a set of utilities that enable you and your team to achieve operational goals in the most efficient manner possible. Your toolkit is a force multiplier that will enable you to minimize the time you spend developing exploits during the game and maximize the return on your development time.
A good toolkit is well rounded and easy to use. You should incorporate software that allows members of your team to communicate effectively, work collaboratively and automate common tasks, and that provides situational awareness of the game as it plays out.
Lecture
- Creating a SOC
- Stealth Rootkit Development
- Toolsmithing Case Study
- Organizing and Participating in CTF
- RTFn
Workshop
Create three lists. Populate the first list with the functionality your ideal toolkit would provide. Populate the second list with software that can provide that functionality. Use the third list to rank, in order of importance, the functionality that is inadequately supported by the software from list two. Begin developing software that fills in the gaps of your ideal toolkit.
Some functionality you should not neglect:
- Management of exploitation, key aggregation and submission.
- Stealthy and secure payloads or persistence methods.
- Secure communication and collaboration.
- Network/Host situational awareness.
Resources
- Meterpreter Functionality Outline
- IDA Python Overview, IDA Python Download
- NASM Documentation
- Pyershark
- Code you might find useful from pwntools (Python) and Ronin (Ruby)