Thought some may find interest... So I started what I expect to be a point/counterpoint series on cyberwarfare. It's from the scope of an attacker (hacker) speaking to an intel analyst who is analyzing cyberwarfare in a "you're doing it wrong" fashion. My goal, to help others in the field understand how to think like an attacker for the sake of helping them understand more as an analyst...
-----------
Art of CyberwarfareBefore you jump into these documents be advised that there is somewhat of a framework behind these writings as I intend on making these writings into somewhat of a series. At the time of this writing, I am currently reading: "Intelligence Analysis - How to Think in Complex Environments" by Wayne Michael Hall, Brigadier General (Retired), U.S. Army and Gary Citrenbaum, Ph.D. since I find intelligence analysis to be a fascinating art. My background is a security professional in which I perform all sorts of information and system security work.
This includes vulnerability research, exploitation and development (my work is residual in FRSIRT ADV-2006-4098, CVE ID: 2010-2283, CVE ID: 2006-3880, CVE ID: 2007-2161, MITRE CVE-2006-5445, Secunia ID: 22480 22651 22979, SCIP VulDB ID: 2488, ISS X-Force ID: 29664, OSVDB ID: 29972, Bugtraq ID: 19135, ISS X-Force ID: 33715, OSVDB ID: 43310 43311 43312 43313), black/white/grey hat work, VoIP security and forensics, systems and network forensics and incident response. Security writings from time to time in what some have labeled as “uncouth,” “arrogant” and or “in your face.” (Personally, I like to believe that I call it how I see it with a hint of Howard Stern or Steven Colbert.)
To understand where I am coming from in these writings, it would help if you either picked up a copy of the book Intelligence Analysis, or understand where the concepts are being taken from (the book). As I read the book, I will try to place them into a “cyberwarfare” point of view. While I may from time to time use technical terms, I am hoping that the reader have some form of experience in systems administration or engineering, perhaps incident response or forensics, maybe military or intelligence background or just want to read an alternative point of view concerning cyberwarfare.
http://www.infiltrated.net/index.php?option=com_content&view=article&id=23&Itemid=29
General Certification : CISSP ISSAP
Hadnagy : [Article]-An Insider`s Look at the Social-Engineer.Org SE CtF at DEFCON
Editor-In-Chief : Free Webcast: Don't Pick the Lock, Steal the Key - PW Auditing with Metasploit
Links to cool sites. : Ninja-Sec Challenge You !
Tools : Nmap 6 Released
