Learnings from HackTheBox
Security is a negative goal, and no amount of security awareness will qualify as good enough; it is a continuous process. This statement always triggers me to stay ahead in the game of security awareness, and my go-to platform is HackTheBox (or HTB, as we call it).
HTB’s real-life equivalent machines have immensely helped me to understand the holistic security perspective. In short, don’t apply a bandage on the thumb if you’ve hit your toe. Working on real-life equivalent machines helps you to have a fresh perspective on security: for example, an environment with a next-gen firewall, WAF, IPS, etc. but with a vulnerable, unpatched web server is as good as no protection at all.
I have pwned seven active machines in the last two weeks and am now sharing space (rank 31) with the elite hackers of Singapore on the HTB platform. I have some high-level learnings to share; no matter how stereotypical they may appear, certain facts have proven to be true while working in this environment.
- Unpatched applications / OS are always the weakest links: There are tonnes of ready-to-use exploits at everyone’s disposal.
- Admins and users are still the weakest links, and their “forgotten” backdoors are a big risk: Do not keep “juicy information” on your machines.
- You can hack anything, with persistence: While this statement may appear conceited, it is unfortunately true. There are loopholes in every environment; some are known while some are not (sorry for being Captain Obvious here). The good guys are bound to know the loopholes before the bad guys do, hence the good guys must understand the patterns of activities and methods that most threat actors employ against their targets.
- Test your security products against the latest TTPs: It helps you to understand how well protected you are, as most of the time the security products in use can be an outcome of market hype.