Precision Strike

00:00

Hello and welcome to another penetration. Testing, execution Standard discussion Today we're gonna briefly touch on what precision strike means within the pee test standard.

00:11

Now a quick disclaimer. Pee Test videos do cover techniques and tools that could be used for system hacking. So any tools or techniques discussed or demonstrated should be researched and understood by the user. Please researcher laws and regulations regarding the use of such tools in your given area to ensure that you don't violate any applicable laws. Now

00:31

the overall objectives of today's discussion are to describe what a precision strike is and to describe what a precision strike is not so very straightforward, very simple discussion today. So a precision strike is essentially

00:48

our effort to simulate

00:50

an attacker and their effort against the organization. So the value brought through a penetration test is generally not through smash and grab techniques, where the attacks are noisy in nature and tried to do every exploit across the network.

01:06

So this approach may be particularly useful at the end of the penetration test to gauge the level of incident response from the organization.

01:12

But in most cases, the exploitation phase is an accumulation of specific research on the target.

01:19

So remember,

01:21

we've taken the time to analyse vulnerabilities. We've taken the time to research our target to understand what could be the path of least resistance and the easiest way to exploit a system based on either proof of concept, actual testing, whatever the case may be.

01:38

And so if we go in with the hell Mary and instantly trigger all of the alerts across the organization and across all the systems, then we've really kind of spoiled the exercise and

01:51

made the client aware of our presence. And so most Attackers are not going to be that brazen. They're going to attempt to extend the level of access to a system for as long as possible and attempt to get everything that they can without being detected. Typically, if they are detected, they'll smash and grab and just get out of there as quickly as possible.

02:09

So what a precision strike is not with respect penetration test. So in the arm, a Taj tool, we talked about the Hell Mary piece that is not a precision at all. Insane scans through and map. The use of unbalance dated exploits the use of exploits for service is not found on a given system,

02:27

not attempting to evade detection at all. Mass mailer attacks where you're just throwing the same e mail across the organization to every inbox at the same time.

02:36

Nothing subtle about that enough. It's like we're trying to hit the bull's eye on a dark board, but we do it with a handful of darts instead of one dart at a time and in a methodical and slow manner. And so,

02:47

if you're approaching your penetration, testing from that smash and grab perspective than that should be discussed up front with the client again. You can use that to test the response capability of the organization. Maybe that's the goal. They want to do a proof of concept for a particular tool. They want to understand if across the organization you can get into multiple systems at a time.

03:07

And really for them, cost is a factor.

03:10

Therefore, time is a factor on your end,

03:14

and you're just trying to do some proof of concept as quickly as possible to see if you can get into a system based on client feedback and direct interaction with them in the engagement. Otherwise if you're trying to simulate an actual threat actor. These are just a few things that you would not want to do in the list, you know goes on essentially.

03:32

So let's do a quick check on learning. True or false, A precision strike is considered a well researched, untested attack, but attempts to exploit a system with minimal disruption and attack detection.

03:46

All right, well, if you need additional time, please pause the video and take a moment.

03:50

So in this case, a precision strike is considered well researched. It is considered tested. It attempts to exploit a system with minimal disruption and attacked detection. So, overall, this is a true statement.

04:04

So as promised, this was a pretty short discussion today. So we just discussed again at a high level. What a precision strike is what it is. Not again focusing on mimicking the Attackers behavior not flagging. You know, ideas. I p A systems, if possible,

04:21

and trying to be a stealthy in the engagement as we can. So any time we do a Hail Mary type attack a week, though, everything in the kitchen sink at systems.