A few weeks ago I saw a post over at hackforums.net that stated “Bypassing Machine Learning tools and behavioural analysis”. Intrigued by this, I took a look, only to find that it was someone promoting their new book, How To Hack Like a Legend. After a few minutes it dawned on me that this was Sparc FLOW, the same author of books like How To Hack Like a PornStar and How To Investigate Like a RockStar (both of which are great reads). Cheekily, I asked for a review copy of his new book and, to my surprise, he actually sent me one.
About Sparc FLOW
Sparc Flow is a computer security expert. He specializes in ethical hacking and has presented his research at international security conferences like Black Hat, DEF CON, Hack In The Box,…
While his day job consists mainly of hacking companies and showing them how to fix their security vulnerabilities, his passion is writing and sharing the insight he gained in the security field.
His first book “How To Hack Like a PornStar” captures the essence of multiple situations he faced in real life and offers the reader a peek into the world of hacking and penetration testing.
Hacking the Planet
Sparc’s latest offering, How To Hack Like a Legend, which is part of his Hacking the Planet series, takes you on a fictional journey showing how a hacker breaks into a secretive offshore company. This journey takes many twists and turns as he comes up against modern security techniques like machine learning, behavioural analysis and artificial intelligence, which stop most hacking tools dead in their tracks.
He starts you off by building a resilient C2 infrastructure using cloud providers, keeping your hacking infrastructure scalable, anonymous and secure throughout. He then shows you how to set up a successful phishing platform from scratch.
Using OSINT techniques and the phishing platform, Sparc gains a foothold on one of the suppliers linked to the target, only to be kicked out of the network within minutes due to his suspicious activity. Of course, he does regain access, but this time he is more cautious about which tools he uses. Along the way he shows you ways to evade MS ATA, ATP and the QRadar SIEM, even disabling all new Windows Server 2016 security features (AMSI, ScriptBlock logging, etc.).
Sparc ends up backdooring the accounting software used by the target, triggering some file-less malware and giving him access to the final target’s internal network. After that, it’s not long before he is domain admin with access to the personal data of thousands of shell companies and their beneficiaries.
How To Hack Like a Legend is a well-written, story-led day in the life of a hacker, taking you into his hacking mindset and showing the reader that even failure can be turned into a successful hack. This sort of hands-on material is normally only ever gained through real-life experience. Above all, being able to get all this information down on paper and wrap it all up in a fictional story really shows Sparc knows what he’s talking about.
The book does assume some prior knowledge of basic security principles. If you’re not 100% on those, you should take a look at some of his previous books, like How To Hack Like a PornStar, before sinking your teeth into this one.
How To Hack Like a Legend covers everything from enumerating a target and setting up a successful phishing campaign to backdooring software and even ways to bypass next-gen antivirus products. This book is not a definitive guide to hacking, but Sparc never makes it out to be.
There are lots of links throughout the book for you to go and find out more information about a particular tool or attack yourself. He has even set up an accompanying GitHub page for any custom scripts or tools referenced in each of his books, for you to download and try.
I personally recommend How To Hack Like a Legend or any of his other titles (see full list below) to anyone with an interest in seeing the anatomy of a hack. It throws out any myths from what you see in the movies (well, except maybe Mr Robot), giving you a taste of what real hacking is about.
Hacking books usually come in two forms: giant manuals on one particular subject, or books so generalised and vague that they are mainly useless. What Sparc does in his Hacking the Planet series is flip this around and make you feel like it is your first day on a pentest and you are shadowing a more experienced pentester, who gives you tips and explains any pitfalls along the way.
Even though I was lucky enough to get a review copy of How To Hack Like a Legend, I have already purchased a physical copy to add to my collection, and with Christmas just around the corner it would make a nice stocking filler for any security enthusiast.
Where You Can Purchase
You can purchase a copy of this or any of his Hacking the Planet series by clicking the links throughout this review or the pictures below. In doing so you will not only help support an independent author but will also be supporting Hemp’s Tutorials, helping us create more content for you.
As always, post any comments below. Let me know if any of you have purchased any of Sparc’s books recently and what you think of them.