🍩
HackBook.io
  • Pentesting Pocket Book for hackers and developers.
  • Reconnaissance
    • Internal Recon Basics
    • OSINT
      • Infrastructure
      • Recon-ng
      • Users
      • Google Dorks
    • Active Scanning
      • NMAP
        • NSE
          • reconnoitre
        • NMap Evasion
      • NC Scan
      • Finger Printing
    • Web Server OSINT
      • WhatWeb
      • Subdomains
      • Directory & File Enumeration
        • Enumeration
          • GoCutty
          • gobuster
          • Dirb
          • nikto
        • Fuzzing
        • Crawling
  • Web Application Hacking
    • Web 101
      • Clients
      • Servers
      • Encodings
    • Web Hacking Techniques
      • SOP
      • Open Redirect
      • File & Resource Attacks
        • Directory Traversal
          • Dir Traversal Fuzzer
        • LFI
        • RFI
        • Unrestricted File Uploads
      • XSS
        • DOM
        • Stored
        • Reflected
        • Blind
        • Self XSS
      • XXE
        • XXE Payloads
      • XPath
      • SSRF
      • CSRF
      • SQLi
        • SQL Basics
        • Securing SQL
        • Hacking SQL
          • sqlmap
          • In-Band
          • Error Based
          • Blind
      • Authorization
      • Session Hijacking
      • Command Injection
      • Insecure Deserialization
      • File Uploads
        • File Upload Mitigations
      • HPP
      • Click Jacking
        • Adobe SWF Investigator
      • HTTP Response Splitting
      • Flash 101
        • Flash Hacking
      • HTML5
        • WebSockets
        • CORS
          • iframe
          • Headers
    • Web Hacking Procedures
      • Captcha
      • Username Generation
      • Username Enumeration
      • Inhouse WebApps
      • SSL Cert Generation
      • CMS
        • WordPress
        • Joomla
      • Popular Exploits
        • Bludit CMS
        • ShellShock
        • WebDav
  • Weaponization
    • Buffer Overflows (BOF)
      • DSBOFG
        • Scripts
  • Initial Access
    • 😈Services
      • Finger
      • SNMP
      • LDAP
      • SMTP
      • NFS
      • RPC
        • RPCBind
      • RDP
      • SQL
        • NoSQL
      • POP3
      • Samba
      • SMB
      • SSH
      • Telnet
      • NetBios
      • VOIP/SIP
      • DNS
        • DNS Lookups
        • Zone Transfer
        • SubDomain Enums
        • dnsdumpster
    • 😈Shells
      • Powercat
      • Odd Shells
      • Troubleshoot
      • TTY/PTTY
  • Persistence
    • File Transfers
      • Py->Exe->Txt
      • Cross compile example
    • Backdoors
  • Privilege Escalation
    • Universal Escalation
    • Windows Escalation
      • Automated
      • Popular Exploits
        • ActiveXObject to Wscript RCE
        • Macros
        • Object Linking
    • Linux Escalation
      • Automated
    • Passwords
      • John
      • Medusa
      • Cewl
      • ncrack
      • Crunch
      • Hydra
      • MITM
      • Responder
        • SAM
          • pwdump and fgdump
          • Pass-the-hash
      • Crack the hash
      • NTLM
  • Network Discovery
    • Network Traffic
      • tcpdump
    • Internal Discovery
  • Collection and Staging
    • Collection
      • File types
  • Hacking Objectives
    • Non Kinetic War (Quick Guide)
  • Procedures
    • Bash Guide
    • Active Directory
    • Crypto 101
    • Forensics
  • Glossary
  • Hacking Frameworks
    • Metasploit
      • msfvenom
    • Dsnif
  • ThreatModeling
    • Threat Modeling Overview
  • Certifications
    • VMDR
      • Qualys Asset Management
      • Qualys Vulnerability Management
      • Qualys Threat Prioritization
      • Qualys Response (Patch Deployment)
    • OSCP Cheat Sheet
  • RF - Radio Frequency
    • Ham Technician
Powered by GitBook
On this page
  • Non Kinetic War
  • 4 Categories of Governance
  • Ends, Ways, and Means
  • Principals of Cyber/Psychological War
  • Cyber Space Operations
  • The INTs (Intelligence)

Was this helpful?

  1. Hacking Objectives

Non Kinetic War (Quick Guide)

This is a quick guide to help you get an idea of how the battle field looks. It is meant to help you in your research so you are aware of these terms and groupings.

Non Kinetic War

Kinetic being bullets, bombs, and weapons of the visually physical world. The Largest categories of non kinetic war:

  • Psyops

  • Public Affairs

  • Civil Affairs

  • Cyber War

  • Electronic War

  • Economic War

4 Categories of Governance

US Presidents utilize these 4 elements and in some cases lean on some more than others. Countries like Russia tend to lean more on Informational. Not so much counterintelligence but more so in the technology realm to push psyops goals.

  • Diplomatic

  • Informational

  • Military

  • Economic

Ends, Ways, and Means

In Cyber Security this is often also called TTP(Tactic, Technique, and Procedure)

1) What is your desired end state. 2) How are we going to do it/get there, and then 3) what are the required resources that you will need.

What gives you as an Individual the power to make effectual changes is that the means is often just an internet connection and the willingness to learn.

Principals of Cyber/Psychological War

Objective: Use the below points to plan an attack and expected result. Hypothesize and learn, be scientific.

Offensive: If you are private sector then defend, if you are a citizen study up, follow the psyops news and data leaks to figure out hot to support as an attacker.

Mass: Put the majority of your forces in the spot that has the greatest effect.

Economy of Force: You can make a difference as one person.. but a friend can help even more.

Maneuver: Dont hack in one spot, use one service, TTP grouping for any length of time that can lead back to you. Stay vigilant and be ready to move quickly.

Unity of Command: Make sure your goals fit the larger picture and support other teams doing the same work. Don't let yourself be attributed back to the US in anyway.

Security: Operations security, cyber, humans(biologic), assets, people(civil/economic), intelligence

Surprise: Reduce reactionary planning time and reduced skepticism when going ghost

Simplicity: The simpler the attack plan is the more likely it is to work

Attribute
Traditional War
Non Kinetic War

Protagonists

Nations

Nations, Non-state Groups, Individuals

Declared

Yes

No

Geographical Boundaries

Yes

No

Effects

Body, property, economic damage. And occupation.

A sickening of citizens and disruption of the supporting systems.

Personnel

Military

Science Technology Engineering Mathematics

Targets

Military and Infrastructure

Gov and Private Sector

Cyber Space Operations

The Triad of CyberWar:

  • Exploit (Hidden Attacks to Stay Hidden)

  • Cyber Attack (Think Large Outages)

  • Cyber Defense and Response

Most Important Skills to Train:

  • DevSecOps

  • Malware Development

  • Vulnerability Assessment

  • Informational Assurance + Crypto

  • Threat/APT Counter Intel (This goes beyond attacks that have cyber targets but also includes things of the physical world where cyber is the means.)

Script kiddies need large amounts of time and money to push known attacks. We need highly skilled people to quickly push silent attacks. Be that person.

The INTs (Intelligence)

  • OSINT: Open-Source Intel

  • HUMINT: Human Intel

  • MASINT: Measurements and Signatures Intel

  • IMINT: Imagery Intel

PreviousFile typesNextBash Guide

Last updated 2 years ago

Was this helpful?

For further reading on these

Intel Categories
USA Agencies who do these
Page cover image