Holistic InfoSec For Web Developers, Fascicle 0: Physical and People

7 min read Original article ↗

Kick off your book project in 2 hours, get started with GhostAI in 2 hours, or do both! Free live workshops, on Zoom. You’ll leave with a real book project and a clear plan to keep going. Saturday, June 27, 2026.

Creating and maintaining robust technical solutions that will resist attacks from your adversaries

You pay

Author earns

About

Bundle

  • Pricing

    Bought separately$51.97

    Suggested price$28.97

Author

Kim Carter

Kim is an experienced Senior Software Architect / Engineer, Entrepreneur and the founder of BinaryMist.

Website: https://binarymist.io

Blog: https://binarymist.io/blog

OWASP NZ Chapter Leader.

Experienced and passionate about mentoring and motivating cross functional, self managing teams.

One of my strengths is helping organisations realise how they can increase profit and reduce costs.

How I do this:

• Take a holistic view of the organisation and focus on the lowest hanging (biggest wins) fruit first

• Bring visibility to all areas of the organisation

• Help people discover their full potential, especially those involved in the software engineering field

• When needed: acquire, design and build robust software and networks

• Help people understand their security status: assets, risks, countermeasures, costs & trade-off's of possible solutions.

• Increasing quality awareness and helping people and organisations implement higher quality in a cost effective manner.

Very broad skill set, with many deep specialities. Some of which are:

• Enterprise Application Architecture

• Web Development

• Networking & hardening

• Security

• DevOps

Contents

Foreword

Preface

  1. Description
  2. Purpose
  3. Reason
  4. Acknowledgements
  5. Influences

Introduction

Starting with the 30,000’ View

  1. 1. SSM Asset Identification
  2. 2. SSM Identify Risks
  3. Rating of Threats
  4. 3. SSM Countermeasures
  5. 4. SSM Risks that Solution Causes
  6. 5. SSM Costs and Trade-offs

2. 10,000’ View and Lower

  1. A 10,000’ View Scenario

3. Tooling Setup

  1. Kali Linux
  2. What’s Included in Kali Linux
  3. Kali Linux Install
  4. Tools I Use in Kali Linux requiring config, etc
  5. Metasploit
  6. Useful metasploit commands
  7. metasploit meterpreter client commands
  8. Using the database and workspaces in metasploit
  9. BeEF
  10. Updating BurpSuite
  11. Tools I Use That Need Adding to Kali Linux
  12. Terminator
  13. Discover Scripts
  14. SmbExec
  15. Gitrob
  16. CMSmap
  17. Veil Framework
  18. Password Lists
  19. Common User Passwords Profiler (cupp)
  20. Http Screenshot
  21. Psmsf
  22. Responder
  23. Custom Scripts from The Hacker Playbook 2
  24. BypassUAC
  25. NoSQLMap
  26. Spiderfoot
  27. OWASP SecLists
  28. Net-creds
  29. Unix-privesc-check
  30. LinEnum
  31. Chromium
  32. Chromium Extensions
  33. Iceweasel (FireFox with different Licensing) add-ons
  34. Additional Hardware
  35. TP-LINK TL-WN722N USB Wireless Adapter
  36. Wi-Fi Adapter:
  37. Useful commands:
  38. Reconnaissance:
  39. Provide USB privileges to guest:
  40. Provide USB recognition to guest:
  41. Blacklist Wi-Fi Module on Host:
  42. Test:
  43. Windows
  44. Tools I Use That Need Adding to Windows
  45. MinGW
  46. Hyperion
  47. psmsf
  48. Nishang
  49. PowerSploit

4. Process and Practises

  1. Penetration Testing
  2. Reconnaissance
  3. Reconnaissance Forms
  4. Passive
  5. Semi-Active
  6. Active
  7. Netcat
  8. Nmap
  9. Concealing NMap Source IP Address
  10. Decoy host -D
  11. Idle scan -sI
  12. Service Fingerprinting
  13. Depending on the Server field
  14. Ordering of Header Fields
  15. Malformed Requests
  16. Non-existent protocol
  17. Other Services
  18. Web Application Firewall (WAF) Fingerprinting
  19. Nmap
  20. WAFW00F
  21. DNS
  22. Domain Information Groper (dig)
  23. dnsenum
  24. dnsrecon
  25. theHarvester
  26. Discover-scripts
  27. recon-ng
  28. Password Profiling
  29. Vulnerability Scanning / Discovery
  30. Nmap
  31. Metasploit
  32. Vulnerability Searching
  33. Security Focus BugTraq
  34. Exploit Database
  35. Metasploit
  36. Exploitation
  37. Isolating, Testing Potential Malware
  38. linux containers (LXC)
  39. Docker
  40. Virtual Machines
  41. FireJail
  42. Qubes
  43. Offensive
  44. Documenting and Reporting
  45. Dradis
  46. CaseFile
  47. Agile Development and Practices
  48. Architecture
  49. Cheapest Place to Deal with Defects
  50. Evil Test Conditions
  51. Security Focussed TDD
  52. Security Regression Testing
  53. Zap REST API Regression Testing NodeGoat
  54. NodeGoat Set-up on your local machine
  55. Zap Running on a local VirtualBox guest
  56. Start the Security Regression test(s) from your local machine
  57. Hand-crafted Penetration Testing
  58. Establish a Security Champion
  59. Pair Programming
  60. Code Review
  61. Why?
  62. Linting, Static Analysis
  63. Dynamic Analysis
  64. Techniques for Asserting Discipline
  65. Static Type Checking
  66. Design by Contract (DbC)
  67. Essentials for Creating and Maintaining a High Performance Development Team
  68. How and Why Many Software Development Shops Fail
  69. The Scenario
  70. Scrum Teams can Fail Too
  71. How Does This Happen?
  72. So… What do We Do?
  73. How do We Do This
  74. Forming Habits and Sharpening Skills

5. Physical

  1. 1. SSM Asset Identification
  2. 2. SSM Identify Risks
  3. Fortress Mentality
  4. Internal Doors and Cabinets Left Unlocked
  5. Insecure Doors and/or Windows
  6. Easily Penetrable Building Materials
  7. Service Labels
  8. Sensitive Printed Matter
  9. RFID Tags
  10. Computers Logged in and Unlocked
  11. Networking Equipment
  12. Network Ports
  13. Wi-Fi Access Points
  14. Hiding the SSID
  15. Wi-Fi Protected Set-up (WPS)
  16. Transient Devices
  17. Lack of Visibility
  18. 3. SSM Countermeasures
  19. Fortress Mentality
  20. Internal Doors and Cabinets Left Unlocked
  21. Insecure Doors and/or Windows
  22. Easily Penetrable Building Materials
  23. Crime Prevention Through Environmental Design (CPTED)
  24. Service Labels
  25. Sensitive Printed Matter
  26. RFID Tags
  27. Computers Logged in and Unlocked
  28. Networking Equipment
  29. Network Ports
  30. Wi-Fi Access Points
  31. Hiding the SSID
  32. Wi-Fi Protected Set-up (WPS)
  33. WPA2 and WPA
  34. Transient Devices
  35. Lack of Visibility
  36. Cameras, Sensors and Alarms
  37. 4. SSM Risks that Solution Causes
  38. Fortress Mentality
  39. Internal Doors and Cabinets Left Unlocked
  40. Insecure Doors and/or Windows
  41. Easily Penetrable Building Materials
  42. Service Labels
  43. Sensitive Printed Matter
  44. RFID Tags
  45. Computers Logged in and Unlocked
  46. Networking Equipment
  47. Network Ports
  48. Wi-Fi Access Points
  49. Hiding the SSID
  50. Wi-Fi Protected Set-up (WPS)
  51. WPA2 and WPA
  52. Transient Devices
  53. Lack of Visibility
  54. Cameras, Sensors and Alarms
  55. 5. SSM Costs and Trade-offs
  56. Fortress Mentality
  57. Internal Doors and Cabinets Left Unlocked
  58. Insecure Doors and/or Windows
  59. Easily Penetrable Building Materials
  60. Service Labels
  61. Sensitive Printed Matter
  62. RFID Tags
  63. Computers Logged in and Unlocked
  64. Networking Equipment
  65. Network Ports
  66. Wi-Fi Access Points
  67. Hiding the SSID
  68. Wi-Fi Protected Set-up (WPS)
  69. WPA2 and WPA
  70. Transient Devices
  71. Lack of Visibility
  72. Cameras, Sensors and Alarms

6. People

  1. 1. SSM Asset Identification
  2. 2. SSM Identify Risks
  3. Ignorance
  4. Morale, Productivity and Engagement Killers
  5. Undermined Motivation
  6. Adding people to a late project
  7. Noisy, Crowded Offices
  8. Email
  9. Meetings
  10. Context Switching
  11. Employee Snatching
  12. Weak Password Strategies
  13. Password Profiling
  14. Crunch
  15. Common User Passwords Profiler (CUPP)
  16. Who’s your Daddy (WyD)
  17. Custom Word List generator (CeWL)
  18. Wordhound
  19. Brute Forcing
  20. Hydra
  21. Web Forms
  22. The Play
  23. Medusa
  24. nmap http-form-brute
  25. Vishing (Phone Calls)
  26. Spoofing Caller ID
  27. SMiShing
  28. Favour for a Favour
  29. The New Employee
  30. We Have a Problem
  31. It’s Just the Cleaner
  32. Emulating Targets Mannerisms
  33. Tailgating
  34. Phishing
  35. Spear Phishing
  36. Synopsis
  37. The Play
  38. Crafting Emails with SET
  39. Infectious Media
  40. Social Engineering Toolkit (Set)
  41. Teensy USB HID
  42. USB Rubber Ducky
  43. Other Offerings
  44. Additional USB Hardware
  45. 3. SSM Countermeasures
  46. Ignorance
  47. Morale, Productivity and Engagement Killers
  48. Undermined Motivation
  49. Adding people to a Late Project
  50. Noisy, Crowded Offices
  51. Email
  52. Meetings
  53. Context Switching
  54. Top Developer Motivators in Order
  55. Employee Snatching
  56. Exit Interviews
  57. Weak Password Strategies
  58. Brute Forcing
  59. Vishing (Phone Calls)
  60. Spoofing Caller Id
  61. SMiShing
  62. Favour for a Favour
  63. The New Employee
  64. We Have a Problem
  65. It’s Just the Cleaner
  66. Emulating Targets Mannerisms
  67. Tailgating
  68. Phishing
  69. Spear Phishing
  70. Infectious Media
  71. An Attacker with Physical Access.
  72. An Attacker with No Access.
  73. 4. SSM Risks that Solution Causes
  74. Ignorance
  75. Morale, Productivity and Engagement Killers
  76. Undermined Motivation
  77. Adding people to a late project
  78. Noisy, Crowded Offices
  79. Email
  80. Meetings
  81. Context Switching
  82. Top Developer Motivators in Order
  83. Employee Snatching
  84. Exit Interviews
  85. Weak Password Strategies
  86. Vishing (Phone Calls)
  87. Spoofing Caller ID
  88. SMiShing
  89. Favour for a Favour
  90. The New Employee
  91. We Have a Problem
  92. It’s Just the Cleaner
  93. Emulating Target’s Mannerisms
  94. Tailgating
  95. Phishing
  96. Spear Phishing
  97. Infectious Media
  98. 5. SSM Costs and Trade-offs
  99. Ignorance
  100. Morale, Productivity and Engagement Killers
  101. Undermined Motivation
  102. Adding people to a late project
  103. Noisy, Crowded Offices
  104. Email
  105. Meetings
  106. Context Switching
  107. Top Developer Motivators in Order
  108. Employee Snatching
  109. Exit Interviews
  110. Weak Password Strategies
  111. Vishing (Phone Calls)
  112. Spoofing Caller ID
  113. SMiShing
  114. Favour for a Favour
  115. The New Employee
  116. We Have a Problem
  117. It’s Just the Cleaner
  118. Emulating Targets Mannerisms
  119. Tailgating
  120. Phishing
  121. Spear Phishing
  122. Infectious Media

Additional Resources

  1. Starting with the 30,000’ View
  2. Rating of Threats
  3. Tooling Setup
  4. Process
  5. People

Attributions

  1. Introduction
  2. The 30,000’ View
  3. Rating of Threats
  4. Tooling Setup
  5. Process
  6. Physical
  7. People

Contributors

Some contributions to the Physical chapter

Some contributions to the People chapter. Especially around phishing countermeasures. Chris is the creator of Pond

Also by the Author

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $15 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub