April 2019
Intermediate to advanced
508 pages
11h 57m
English
If we want to mine cryptocurrency (which you should never do during a legitimate PenTest), we will want to look at the CryptoCurrency:EC2/BitcoinTool.B!DNS and CryptoCurrency:EC2/BitcoinTool.B GuardDuty alerts. These alerts trigger on network activity involving domains and IP addresses that are known to be associated with cryptocurrency-related activity (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_crypto.html). This means that we can bypass this by avoiding direct connections to known cryptocurrency-related domains and IP addresses, such as exchanges and mining pools.
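From the defender's side, the two finding types above differ in what matched the threat list: a DNS query or a direct network connection. The following added example (not code from the book) groups such findings by EC2 instance and pulls out the matched domain or IP address; it assumes findings in the shape returned by the GuardDuty GetFindings API, and every instance ID, domain and address in the sample data is constructed.

```python
from collections import defaultdict

# The two finding types named in the text above.
CRYPTO_TYPES = {
    "CryptoCurrency:EC2/BitcoinTool.B!DNS",
    "CryptoCurrency:EC2/BitcoinTool.B",
}

def _finding(ftype, instance, action):
    # Hypothetical helper: builds a constructed finding in the GetFindings shape.
    return {"Type": ftype,
            "Resource": {"InstanceDetails": {"InstanceId": instance}},
            "Service": {"Action": action}}

# Constructed sample data: instance IDs, domain and addresses are made up.
SAMPLE_FINDINGS = [
    _finding("CryptoCurrency:EC2/BitcoinTool.B!DNS", "i-0aaa1111bbbb2222c",
             {"ActionType": "DNS_REQUEST",
              "DnsRequestAction": {"Domain": "pool.example.test"}}),
    _finding("CryptoCurrency:EC2/BitcoinTool.B", "i-0aaa1111bbbb2222c",
             {"ActionType": "NETWORK_CONNECTION",
              "NetworkConnectionAction": {
                  "RemoteIpDetails": {"IpAddressV4": "198.51.100.23"}}}),
    _finding("Recon:EC2/PortProbeUnprotectedPort", "i-0ddd3333eeee4444f",
             {"ActionType": "PORT_PROBE"}),
]

def matched_indicator(finding):
    """Return (kind, value) for the destination that matched the threat list."""
    action = finding["Service"]["Action"]
    if action["ActionType"] == "DNS_REQUEST":
        return "domain", action["DnsRequestAction"]["Domain"]
    if action["ActionType"] == "NETWORK_CONNECTION":
        remote = action["NetworkConnectionAction"]["RemoteIpDetails"]
        return "ip", remote["IpAddressV4"]
    return "unknown", None

def triage(findings):
    """Group cryptocurrency findings by EC2 instance with their indicators."""
    by_instance = defaultdict(list)
    for f in findings:
        if f.get("Type") not in CRYPTO_TYPES:
            continue  # unrelated finding types are out of scope here
        instance = f["Resource"]["InstanceDetails"]["InstanceId"]
        by_instance[instance].append(matched_indicator(f))
    return dict(by_instance)

if __name__ == "__main__":
    for instance, hits in triage(SAMPLE_FINDINGS).items():
        print(instance, hits)
```

Because both finding types key on list-matched destinations, an instance with no such finding has not been shown to be free of mining activity.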