From the introduction:
You’ll notice the change in language since the last edition [1]. The English-speaking world already has tons of books, talks, guides, and info about hacking. In that world, there’s plenty of hackers better than me, but they misuse their talents working for “defense” contractors, for intelligence agencies, to protect banks and corporations, and to defend the status quo. Hacker culture was born in the US as a counterculture, but that origin only remains in its aesthetics – the rest has been assimilated. At least they can wear a t-shirt, dye their hair blue, use their hacker names, and feel like rebels while they work for the Man.
You used to have to sneak into offices to leak documents [2]. You used to need a gun to rob a bank. Now you can do both from bed with a laptop in hand [3][4]. Like the CNT said after the Gamma Group hack: “Let’s take a step forward with new forms of struggle” [5]. Hacking is a powerful tool, let’s learn and fight!
[1] http://pastebin.com/raw.php?i=cRYvK4jb
[2] https://en.wikipedia.org/wiki/Citizens%27_Commission_to_ Investigate_the_FBI
[3] http://www.aljazeera.com/news/2015/09/algerian-hacker-hero-hoodlum-150921083914167.html
[4] https://securelist.com/files/2015/02/Carbanak_APT_eng.pdf
[5] http://madrid.cnt.es/noticia/consideraciones-sobre-el-ataque-informatico-a-gamma-group
I thought the shout out to hard working Russian hackers was a nice touch!
If you are serious about your enterprise security, task one of your better inforsec people to use HackBack! A DIY Guide as a starting point against your own network.
Think of it as a realistic test of your network security.
For “everybody a programmer” advocates, consider setting up networks booting off read-only media and specific combinations of vulnerable software to encourage practice hacking of those systems.
Think of hacking “practice” systems as validation of hacking skills. Not to mention being great training for future infosec types.
PS: Check computer surplus if you want to duplicate some current government IT systems.
I first saw this in FinFisher’s Account of How He Broke Into Hacking Team Servers by Catalin Cimpanu.