Chapter 8

Subvert (Controls Bypass)

IN THIS CHAPTER

Stopping subvert attacks with antivirus software

Simulating subvert attacks with Nmap

Discovering the vectors hackers use in subvert attacks

Exploring ways hackers bypass controls

The definition of subvert is to undermine and get within control. In the realm of IT security, this means you get within and beyond controls or control points that are meant to secure access. Subvert attacks bring their own intense brand of nastiness to the security equation.

Advanced persistent threats (APTs) are the holy grail of hacker attacks where an attacker can infiltrate, gain what they need, and then move to exfiltration undetected with the goods. There are other attacks that are less advanced such as bypassing controls such as an access list without being caught or logging into a system undetected to access data. Some malware can also be introduced to elevate privileges of accounts that can then be used to bypass other security controls.

In this chapter, I discuss these and other forms of subvert attacks.

Toolkit Fundamentals

In this section, ...

Get Penetration Testing For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing For Dummies by Robert Shimonski

Subvert (Controls Bypass)

Toolkit Fundamentals

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly