What do you think?
Rate this book
Hacking the Planet #8
How to Hack Like a GHOST: A detailed account of a breach to remember
There are a thousand and one ways to hack an Active Directory environment. But, what happens when end up in a full Cloud environment with thousands of servers, containers and not a single Windows machine to get you going?When we land in an environment designed in the Cloud and engineered using the latest DevOps practices, our hacker intuition needs a little nudge to follow along. How did the company build their systems and what erroneous assumptions can we take advantage of?This book covers the basics of hacking in this new era of Cloud and Break container isolation, achieve persistence on Kubernetes cluster and navigate the treacherous sea of AWS detection features to make way with the company’s most precious data.Whether you are a fresh infosec student or a Windows veteran, you will certainly find a couple of interesting tricks to help you in your next adventure.
- GenresHackersTechnology
224 pages, Paperback
Published February 29, 2020
43 people are currently reading
115 people want to read
About the author
Sparc Flow
11 books42 followersSparc Flow is a computer security expert.
He specializes in ethical hacking and has presented his research at international security conferences like Black Hat, DEF CON, Hack In The Box,...
While his day job consists mainly of hacking companies and showing them how to fix their security vulnerabilities, his passion is writing and sharing the insight he gained in the security field
His first book "How to Hack Like a Pornstar" captures the essence of multiple situations he faced in real life and offers the reader a peak into the world of hacking and pentesting
He specializes in ethical hacking and has presented his research at international security conferences like Black Hat, DEF CON, Hack In The Box,...
While his day job consists mainly of hacking companies and showing them how to fix their security vulnerabilities, his passion is writing and sharing the insight he gained in the security field
His first book "How to Hack Like a Pornstar" captures the essence of multiple situations he faced in real life and offers the reader a peak into the world of hacking and pentesting
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
March 13, 2020
Sparc Flow did it again, another instant classic.
Modern infrastructure is everywhere these days, this is one of a few books (perhaps only) that unveil the full cyber kill chain in a modern infrastructure setting. There are many books, articles, and tools that present security and insecurity in cloud, container, and Kubernetes but rarely the full attack path. Like other books on the series, it narrates an attack path of a hacker trying to hack a modern data analytic company to steal confidential cooperate data. What also great about the Hack like a * series is that he really embodied the idea of attackers thinks in graphs, defenders think in lists into this very book. At every stage of attacks, usually, more than one path will be discussed, which expose the readers to the plethora of vulnerabilities and misconfiguration that can be exploited to gain a better posture.
There are too many nuggets in the book about attacking modern infrastructure, some of my favorite TTP are:
Ec2 credentials enumeration
Docker Container enumeration
Kubernetes service token forging
Bug chaining in a cloud environment
persistence in Kubernetes
Executing a malicious Spark job
and etc...
Modern infrastructure is everywhere these days, this is one of a few books (perhaps only) that unveil the full cyber kill chain in a modern infrastructure setting. There are many books, articles, and tools that present security and insecurity in cloud, container, and Kubernetes but rarely the full attack path. Like other books on the series, it narrates an attack path of a hacker trying to hack a modern data analytic company to steal confidential cooperate data. What also great about the Hack like a * series is that he really embodied the idea of attackers thinks in graphs, defenders think in lists into this very book. At every stage of attacks, usually, more than one path will be discussed, which expose the readers to the plethora of vulnerabilities and misconfiguration that can be exploited to gain a better posture.
There are too many nuggets in the book about attacking modern infrastructure, some of my favorite TTP are:
Ec2 credentials enumeration
Docker Container enumeration
Kubernetes service token forging
Bug chaining in a cloud environment
persistence in Kubernetes
Executing a malicious Spark job
and etc...
Displaying 1 of 1 review