Learn Pen Testing, Blue Teaming and Digital Forensics
A collection of short stories, each episode in each series is based on a real-life story from the field.
Available on Kindle, Paperback and Audiobook
The print books are collections of all five stories in each series, and are available from a variety of bookstores.
BREAKING IN IS HALF THE BATTLE
The penetration testing industry has exploded in the last decade, as more and more organisations seek assurance that their cybersecurity strategies are being effectively implemented.
The Pen Test Diaries allow you to follow a penetration tester through the technical, and non-technical processes involved in testing an organisations information security measures.
Based on the author's real world experiences, the diaries tell fictionalised versions of penetration testing discoveries. A must read for anyone interested in computer security or the penetration testing field.
Each Infosec Diaries episode can also be downloaded in Kindle format.
RACING FOR ANSWERS
In this episode our investigator works with a world renowned motor racing team to investigate potential sabotage from within. Could a malicious insider be damaging their cars, costing them races and millions of dollars in prize money? The team, unable to find physical evidence of sabotage, turn to Parker Foss and his trusty digital forensics kit to look for a signs that someone isn’t being a team player.
In this episode our investigator is called to assist the owner of a highly secure aviation technology company, who is receiving ransom demands from a hacker group that claims to have stolen some of his most sensitive source code. With the option to pay a multimillion dollar ransom, or suffer the massive reputational damage of having the source code released to the whole world, the stakes are high. Who are the hackers, and how did they manage to defeat multiple layers of security?
In this episode our investigator works with a construction company who are besieged by an anarchist group. Motivated by the company’s involvement in a controversial building project, the anarchists target employees and personal property. With only a few threatening emails to go on, how can our investigator succeed where a police investigation has stalled, and help identify the members of the group before they do even more damage.
In this episode our investigator travels to Singapore to work on a fraud case at a large multinational semiconductor company. When two suspects emerge and begin pointing the finger at one another, some smart digital forensics and open source investigation is required to determine who is telling the truth, and who is responsible for defrauding their employer.
REFUGE IN THE CENTRIFUGE
In this episode penetration tester Laura Knight is brought in at short notice to test the security of newly opened secure facility operated by a defense contractor. Her mission, to work around multiple layers of security to extract sensitive data from the highly locked down network.
REVENGE ON THE WIRE
In this episode our investigator is called in to assist in the investigation of some strange happenings at a managed services company. A widespread vulnerability is wreaking havoc across the Internet. Is the vulnerability behind the strangeness? Or is something more sinister afoot?
In this episode penetration tester Laura Knight is asked to cast her eyes over a web application as a favour to a friend of her boss. The application is about to go live, but there are significant concerns about the level of security in place. Can Laura and her team convince a project manager to put security over deadlines?
Here are some other works by Mike Sheward
HANDS ON INCIDENT RESPONSE AND DIGITAL FORENSICS
Incident response and digital forensics require a balancing act to get right, but both are essential when an information security incident occurs.
In this practical guide, the relationship between incident response and digital forensics is explored and you will learn how to undertake each and balance them to meet the needs of an organisation in the event of an information security incident. Best practice tips and real-life examples are included throughout.