I just recently learnt a set of Offensive and Defensive tools.

Offensive tools such as - Hydra, a fast network logon cracker used to retrieve website credentials. Gobuster, utilised for enumeration. SQL Injection, which is not a tool but an attack that takes advantage of the interactions between an application and its database; attackers leverage SQL queries to perform injection attacks. Lastly, the different types of shells, which are software that enables one to interact with their operating system. A reverse shell is one of many techniques used to gain access to a system. A connection originates from the target system, which the attacker connects to, giving the attacker the ability to bypass any firewalls or security systems.

Defensive tools - CyberChef, a web-based application providing various cyber operation tasks within a web browser, ranging from encodings to encryption and decryption. CAPA (Common Analysis Platform for Artifacts), designed to point out the capabilities in an executable file such as a Portable Executable (PE). REMnux, a Linux distro which contains a plethora of tools and a sandbox-like environment to dissect malicious software, without the risk of infecting your own system. The final cookie in the jar is… FlareVM, which, similar to REMnux, is not a single tool but a meticulously grouped set of specialized tools to meet the specific needs of reverse engineering.

These Offensive/Defensive tools stored within my arsenal give me the capabilities to infiltrate one’s fortress, and fend off heathens infiltrating my fortress XD. They are all complex tools, with their own sets of capabilities and complexities.

Despite all the benefits that come with my arsenal, I’m able to see the nuance of the offensive and defensive tools. Offensive tools tend to primarily operate within the terminal. I recollect memories of Hollywood blockbusters depicting hacking as this elaborate task, immersed in colourful GUIs and interactive software, but in reality… no fancy visuals, no fancy software, just black and white text on a dull terminal. It can sometimes be boring. Now don’t get me wrong, once I realised the power you attain through this colourless screen, that excitement did reignite, but only after I knew what was happening XD! That shattered my Hollywood idea of what a hacker’s visual experience is. The latter, meanwhile, have a mixture of tools that operate on the terminal or contain their own software.

I do believe that tools categorized under one can be utilised under the other - a hacker could use a defensive tool to possibly test how undetectable their exploit is or could be, whilst a participant on the other side could intentionally use offensive tools to test the capabilities of their security solution. So necessarily allocating tools to specific sides could be redundant if they can play both. (Spitting Knowledge right here!!!)

I’ve recently spoken out on how my experience with these types of tools needs way more cultivation, as the simplistic tasks given don’t give me a strong grasp on the tool in question. When working with Hydra, for example, a task required me to brute-force a user’s (Molly) web password, and find the flag that had been intentionally placed by the educators. They’re guides, and usually the task required is based on a passage just recently read, so one knows what to expect, and what is expected. Though in the real world that’s not the case. It’s just like programming, where one needs to have the essential problem-solving skills to acknowledge when to and when not to - how do I know when to use Hydra? When is the best time to use Hydra? This cognitive skill is only cultivated through iteration. So finishing each module isn’t the end, but the foundation of my constant learning.

I’ve almost completed the Cyber Security 101 module, which is a proud milestone I’m itching to reach. Not only will this instill a sense of pride, I’ve also gained the necessary knowledge to try the challenges to practice and utilise the skills learnt, and this will be the domain where I will use the tools, to truly understand when and where to use them, when necessary.

The challenges will not tell me how to infiltrate a website, or gain access to a user’s credentials. They will just inform me what is expected, and how I get there is up to me, and this is where I’ll see if I truly understand what I’ve learnt.