Episode 3-Defeating IDS and Firewalls: An Intro to Shell Strategy

Regardless of the engagement, whether it’s a full-scale penetration test of a large corporation, or a small capture the flag (CTF) tournament online, we as security professionals often run into real-time host intrusion protection, or maybe just simple firewalls in some instances. Both intrusion detection/prevention systems (IDS/IPS), and firewalls, are relatively simple at a high-level, and therefore can be bypassed with high-level strategy. In this article, we will go from the basics of establishing command and control (C2), to popping…