主講者:YCY
綜觀各個受駭案例,不同的攻擊者可能利用類似的手法進行入侵。原先被設計來進行紅隊測試 (Red Team Assessment) 的工具,也遭到駭客的濫用,往往也開放原始碼,致使原先用於提升安全、進行安全評估的方法,淪為駭客的入侵手段。然而,工具的公開,是駭客的機會,同時也是防禦方的轉機。攻擊者可以隨意取得這些公開工具進行攻擊,而我們也能對這些工具同樣進行研究。本次的我們將透過這些常見的公開工具的研究,以駭客的思維了解這些工具、駭客的手法,進而提升網路防禦意識,確保網路安全。
Speaker:YCY
In many cases, different attackers may use similar methods for intrusion. Meanwhile, lots of tools designed to do Red Team Assessment are abused by attackers. These tools, as well as their source codes, are easily available in public. It makes the tools for security improvement and assessment become the intrusion means. However, the public tools are not only the attackers’ chances, but also the defenders' turning points. Attackers can access the public tools to attack at will, we can study the tools as well. In this talk, we understand attackers’ thinkings and methodologies through open source tools to strengthen the defense awareness and to ensure the network security.
轉載自 iThome 台灣資安大會2019
https://cyber.ithome.com.tw/2019/agenda