Learn Pen Testing, Blue Teaming and Digital Forensics
A collection of short stories, each episode in each series is based on a real-life story from the field.
Available on Kindle, Paperback and Audiobook
The print books are collections of all five stories in each series, and are available from a variety of bookstores.
BREAKING IN IS HALF THE BATTLE
The penetration testing industry has exploded in the last decade, as more and more organisations seek assurance that their cybersecurity strategies are being effectively implemented.
The Pen Test Diaries allow you to follow a penetration tester through the technical, and non-technical processes involved in testing an organisations information security measures.
Based on the author's real world experiences, the diaries tell fictionalised versions of penetration testing discoveries. A must read for anyone interested in computer security or the penetration testing field.
Each Infosec Diaries episode can also be downloaded in Kindle format.
RACING FOR ANSWERS
In this episode our investigator works with a world renowned motor racing team to investigate potential sabotage from within. Could a malicious insider be damaging their cars, costing them races and millions of dollars in prize money? The team, unable to find physical evidence of sabotage, turn to Parker Foss and his trusty digital forensics kit to look for a signs that someone isn’t being a team player.
In this episode penetration tester Laura Knight is called in to test the security of a local government network. She discovers a remarkable array of technical security problems, that can be traced back to an oppressive culture in the IT department.
In this episode, the Blue Team responds to the highly significant Shellshock vulnerability that is causing alarm all over the world. However, thanks to a discovery in the response process, it soon becomes clear that Shellshock isn't the only thing for the team to be worried about.
In this episode our investigator is called to assist the owner of a highly secure aviation technology company, who is receiving ransom demands from a hacker group that claims to have stolen some of his most sensitive source code. With the option to pay a multimillion dollar ransom, or suffer the massive reputational damage of having the source code released to the whole world, the stakes are high. Who are the hackers, and how did they manage to defeat multiple layers of security?
In this episode, penetration tester Laura Knight is having a rough time finding any issues to report on a highly secure, modern network. To make things worse, she has a smug client hovering over her constantly. A coffee break turns out to be the key to turning the test around.
THE BIG PHISH
In this episode, the Blue Team uncovers, via rather unusual means, a large-scale phishing incident that has the potential to become the largest security incident in the company's history.
In this episode our investigator works with a construction company who are besieged by an anarchist group. Motivated by the company’s involvement in a controversial building project, the anarchists target employees and personal property. With only a few threatening emails to go on, how can our investigator succeed where a police investigation has stalled, and help identify the members of the group before they do even more damage.
LAST ONE IN
In this episode penetration tester Laura Knight makes an alarming discovery during a routine penetration test. After delivering an urgent report, it soon becomes clear that the toughest barriers to break through will be political, rather than technical.
In this episode our investigator travels to Singapore to work on a fraud case at a large multinational semiconductor company. When two suspects emerge and begin pointing the finger at one another, some smart digital forensics and open source investigation is required to determine who is telling the truth, and who is responsible for defrauding their employer.
REFUGE IN THE CENTRIFUGE
In this episode penetration tester Laura Knight is brought in at short notice to test the security of newly opened secure facility operated by a defense contractor. Her mission, to work around multiple layers of security to extract sensitive data from the highly locked down network.
In this episode, the Blue Team finds themselves in the right place at the right time to help unravel the reason why supposed new hires that no one is expecting keep showing up at the office.
REVENGE ON THE WIRE
In this episode our investigator is called in to assist in the investigation of some strange happenings at a managed services company. A widespread vulnerability is wreaking havoc across the Internet. Is the vulnerability behind the strangeness? Or is something more sinister afoot?
In this episode penetration tester Laura Knight is asked to cast her eyes over a web application as a favour to a friend of her boss. The application is about to go live, but there are significant concerns about the level of security in place. Can Laura and her team convince a project manager to put security over deadlines?
In this episode, the Blue Team accidentally stumbles across some extremely disturbing content on a laptop while investigating an Intrusion Detection System alert, resulting in a profound impact on the mental and physical well-being of the team.
Here are some other works by Mike Sheward
HANDS ON INCIDENT RESPONSE AND DIGITAL FORENSICS
Incident response and digital forensics require a balancing act to get right, but both are essential when an information security incident occurs.
In this practical guide, the relationship between incident response and digital forensics is explored and you will learn how to undertake each and balance them to meet the needs of an organisation in the event of an information security incident. Best practice tips and real-life examples are included throughout.