• 520@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      9 months ago

      Sherlock is an Open Source Intelligence (OSINT) tool. It is specifically made to gather information on a target, which is always step 1 of an attack.

      We can agree to disagree on whether it constitutes an attack tool, however it is clearly made with red teamers in mind.

      • mods_are_assholes@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        So I guess ping is a hacking tool now too huh?

        There isn’t a fuckdamn single drop of intellectual honesty in any of these comments.

        • 520@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          9 months ago

          So I guess ping is a hacking tool now too huh?

          Does ping have the potential to lead you almost directly to a potential attack path? Because Sherlock can.

          There isn’t a fuckdamn single drop of intellectual honesty in any of these comments.

          Well what the fuck would I know? I’ve only been a pentester/red teamer for 8 fucking years.

          Hey, wanna know what’s by far the most useful tool in a red teamer/attacker’s arsenal?

          A fucking notepad!

          Because the process isn’t about tapping a few fucking buttons and you’ve hacked into the mainframe. You gather information. You make links. You poke and prod at stuff. You try to keep a low profile while you also try to figure out where your objective is. Then, and only then, you make a final plan and go for the objective.