Hacker Tools and Techniques Introduction
Last updated
Last updated
Testing is often done without proper permission. Some people think it's okay to test a friend's or their company's network, but it's important to always get written permission. A verbal agreement isn't enough.
Always get permission from your company before using hacking tools to find vulnerabilities. A sample permission form is available at https://www.counterhack.net/permission_memo.html. Have your legal team review and adjust it to fit your needs. This form is only for employees testing their own company, not for third-party testers, as it lacks necessary legal protections for them.
The MITRE ATT&CK Framework is a free resource that maps tactics, techniques, and actions used by attackers, based on real-world events. It helps track how attackers operate, from gaining access to stealing data, and identifies the groups behind these techniques.
ATT&CK provides a standard way to describe attacks using clear and consistent language. It helps ensure everyone uses the same terms and definitions for real-world attacks.
It's tough to define how different attackers work. The MITRE ATT&CK Framework helps by breaking down attack methods, giving us a clearer idea of how attackers act and how to defend against them better.
The MITRE ATT&CK Framework project is available at https://attack.mitre.org.
A screenshot of part of the enterprise attack matrix shows attacker techniques under column headings like initial access, execution, and persistence. Each column lists specific techniques (e.g., drive-by compromises for initial access), with sub-headings for related methods.
Clicking on the links in this matrix gives details on how attackers perform a drive-by compromise, including which threat groups use this method and the tools they use.
The ATT&CK enterprise matrix might seem confusing at first, but after a few minutes, you'll see its value for defenders. It helps us understand attacker methods, assess our organization's readiness against these attacks, and gain insights about specific threat actors and their target industries compared to ours.