WEBVTT 1 00:00:00.200 --> 00:00:02.600 Right, diving in today with a deep dive for all 2 00:00:02.640 --> 00:00:04.320 you cybersecurity. 3 00:00:03.560 --> 00:00:06.599 Fans out there, especially for those who well might not 4 00:00:06.759 --> 00:00:09.039 think of a certain programming language when they picture a 5 00:00:09.039 --> 00:00:10.119 hacker exactly. 6 00:00:10.480 --> 00:00:13.679 Our source material today is the book pen Testing with. 7 00:00:13.759 --> 00:00:17.519 Pearl, ah using Pearl for penetration testing. 8 00:00:17.320 --> 00:00:20.440 YEP, pen testing for short. Yeah. Think of this deep 9 00:00:20.480 --> 00:00:24.039 dive as like your cheat sheet to the book's key 10 00:00:24.079 --> 00:00:25.199 concepts and tools. 11 00:00:25.280 --> 00:00:27.480 It's a pretty interesting choice, right. You know, we always 12 00:00:27.519 --> 00:00:29.839 picture some shadowy figure in a hoodie when we think 13 00:00:29.839 --> 00:00:32.399 about hacking, right, But behind all of that, it really 14 00:00:32.439 --> 00:00:37.799 boils down to logic and really good programming skills. 15 00:00:37.880 --> 00:00:39.600 Yeah, it makes you realize that just about anyone could 16 00:00:39.679 --> 00:00:43.079 learn how to do it. Absolutely, so why peril? It's 17 00:00:43.079 --> 00:00:47.159 not exactly like the most popular language right now? I know, right, 18 00:00:47.200 --> 00:00:50.200 but the book makes a really strong argument for how 19 00:00:50.320 --> 00:00:51.799 useful it is for pen testing. 20 00:00:52.079 --> 00:00:54.840 It really does. What makes Pearl so powerful for this 21 00:00:55.240 --> 00:00:58.640 is its ability to manipulate text and interact directly with 22 00:00:58.719 --> 00:01:03.359 the system, automate network scans like build those, exploit payloads, 23 00:01:03.359 --> 00:01:06.120 and then analyze all that captured data. Pearls amazing for 24 00:01:06.200 --> 00:01:06.599 all of that. 25 00:01:06.840 --> 00:01:09.879 Okay, that makes sense. So the book focus is more 26 00:01:09.920 --> 00:01:13.599 on how to apply those Pearl skills to these security challenges, 27 00:01:13.719 --> 00:01:16.200 not so much about teaching you Pearl. 28 00:01:15.920 --> 00:01:18.680 Itself, right exactly. It assumes you have a basic understanding 29 00:01:18.719 --> 00:01:21.000 of the language already. It's more about how to think 30 00:01:21.079 --> 00:01:27.000 like a pen tester who uses Pearl as their weapon 31 00:01:27.000 --> 00:01:28.319 of choice. I guess you could. 32 00:01:28.120 --> 00:01:30.959 Say, gotcha, So like a digital Swiss army knife kind of. 33 00:01:31.120 --> 00:01:31.439 Yeah. 34 00:01:31.519 --> 00:01:34.359 Now, the book also mentions Linux quite a bit. Is 35 00:01:34.400 --> 00:01:37.079 that because most PEN testing is done in a Linux environment? 36 00:01:37.560 --> 00:01:40.799 Yeah? Pretty much. Linux gives pen sesters the power and 37 00:01:40.840 --> 00:01:44.000 flexibility they need to really dig deep into these systems. 38 00:01:44.359 --> 00:01:46.560 The book kind of assumes you have some basic Linux 39 00:01:46.560 --> 00:01:49.799 command line skills already, you know, like navigating directories, looking 40 00:01:49.799 --> 00:01:51.519 at files, and running programs. 41 00:01:51.879 --> 00:01:55.120 The basics, but still crucial. Oh yeah, So let's say 42 00:01:55.159 --> 00:01:58.079 you're starting appentist. What will be the first step reconnaissance? 43 00:01:58.120 --> 00:01:59.480 It's all about scoping things out. 44 00:01:59.519 --> 00:02:02.640 We call it network foot printing, okay, like gathering intel. 45 00:02:02.799 --> 00:02:06.040 Yeah exactly. We're trying to find active hosts, open ports, 46 00:02:06.159 --> 00:02:09.039 and even the types of operating systems that are being used. 47 00:02:09.400 --> 00:02:12.319 So itis like real detective work. What kind of tools 48 00:02:12.319 --> 00:02:13.120 would you use for this. 49 00:02:13.319 --> 00:02:15.560 Oh, there are a bunch. One that you've probably heard 50 00:02:15.560 --> 00:02:18.919 of is NMAP super Versatile, can be used for all 51 00:02:19.000 --> 00:02:22.439 kinds of scanning techniques. Another one is h E three 52 00:02:23.240 --> 00:02:28.159 Really useful for when those typical ICMP requests are being blocked, 53 00:02:28.240 --> 00:02:29.840 you know, like when you have to craft your own 54 00:02:29.879 --> 00:02:33.199 custom packets, almost like you're speaking the network's language. 55 00:02:33.280 --> 00:02:35.000 I'm starting to see how this needs more than just 56 00:02:35.000 --> 00:02:37.680 technical skills. There's some creativity involved here too. 57 00:02:37.560 --> 00:02:38.199 Oh for sure. 58 00:02:38.520 --> 00:02:41.719 The book had this cool example of using n map 59 00:02:41.759 --> 00:02:44.719 for what they called it syn stealth scan. Can you 60 00:02:44.759 --> 00:02:47.479 break that down a bit? It sounds pretty uh sneaky? 61 00:02:47.599 --> 00:02:50.360 It is. You remember the TCP three way. 62 00:02:50.199 --> 00:02:52.759 Handshake vaguely remind. 63 00:02:52.439 --> 00:02:57.039 Me, right? So basically the syn stealth scan uses that process. 64 00:02:57.400 --> 00:03:01.199 It starts by sending syn package to the different ports 65 00:03:01.199 --> 00:03:04.039 on the target machine. If the port is open, it 66 00:03:04.120 --> 00:03:06.400 responds with the s Y and ACK packet like it's 67 00:03:06.439 --> 00:03:08.080 ready to complete the handshake. 68 00:03:07.759 --> 00:03:08.879 Right, that's normal, yep. 69 00:03:09.319 --> 00:03:13.280 But instead of finishing that handshake sending that final ACK packet, 70 00:03:13.560 --> 00:03:16.719 en map throws a curveball and sends an RST packet instead, 71 00:03:17.080 --> 00:03:18.280 you know, or reset. 72 00:03:18.080 --> 00:03:19.520 Like nope, change my mind. 73 00:03:19.599 --> 00:03:22.680 Uh huh yeah, pretty much. The target machine just thinks, oh, 74 00:03:22.719 --> 00:03:26.120 that connection failed. But we've gotten all this valuable information 75 00:03:26.159 --> 00:03:28.280 about the open ports and we didn't even set off 76 00:03:28.319 --> 00:03:29.039 any alarms. 77 00:03:29.319 --> 00:03:33.680 That is sneaky. So we've mapped the network, we've found 78 00:03:33.719 --> 00:03:34.599 some open doors. 79 00:03:34.960 --> 00:03:38.360 Now what time to get into fingerprinting those devices and services. 80 00:03:38.400 --> 00:03:39.800 Okay, so what exactly does that mean. 81 00:03:39.960 --> 00:03:42.560 It's like analyzing those fingerprints left at a crime scene. 82 00:03:42.639 --> 00:03:44.919 We look at those network responses to figure out the 83 00:03:44.919 --> 00:03:48.280 operating systems, what services are running, and you know, any 84 00:03:48.319 --> 00:03:49.879 other juicy details we can find. 85 00:03:49.960 --> 00:03:53.039 So basically gathering more specific data that can be used later. 86 00:03:52.960 --> 00:03:56.680 On exactly and understanding network protocols is super important here, 87 00:03:56.759 --> 00:03:59.280 things like TCP and net bios makes sense. 88 00:04:00.039 --> 00:04:02.000 The book had a cool example of a Pearl script 89 00:04:02.520 --> 00:04:05.840 using the netinfo dot discovery dot net bios module. Can 90 00:04:05.879 --> 00:04:07.000 you walk us through that one? 91 00:04:07.159 --> 00:04:09.439 Yeah, So that example shows you how to get info 92 00:04:09.479 --> 00:04:12.599 about those hosts on a subnet by sending net bios 93 00:04:12.719 --> 00:04:16.199 name service queries. They're normally used to convert names to 94 00:04:16.240 --> 00:04:19.399 IP addresses, but we can kind of trick hosts into 95 00:04:19.439 --> 00:04:21.079 giving up some information about themselves. 96 00:04:21.160 --> 00:04:23.399 Oh so you're using these network protocols in ways they 97 00:04:23.399 --> 00:04:25.160 weren't necessarily intended. 98 00:04:24.759 --> 00:04:28.240 For exactly, and that information can be super valuable when 99 00:04:28.240 --> 00:04:31.879 you're planning the next stages of a penetration test. Now, 100 00:04:31.920 --> 00:04:34.439 let's shift gears a bit to something you're probably using 101 00:04:34.519 --> 00:04:37.199 every single day, Web applications. 102 00:04:37.519 --> 00:04:39.680 Web apps are everywhere these days, and I know they 103 00:04:39.680 --> 00:04:42.000 could be like major targets for a text. 104 00:04:42.199 --> 00:04:45.720 Sure, web apps often have vulnerabilities that attackers can exploit 105 00:04:45.839 --> 00:04:49.360 to get access to sensitive data or even take control 106 00:04:49.360 --> 00:04:50.120 of the whole system. 107 00:04:50.560 --> 00:04:54.000 The book mentions a few vulnerabilities that sound scary, things 108 00:04:54.040 --> 00:04:58.439 like cross site scripting, SQL injection, and file inclusion vulnerabilities. 109 00:04:58.680 --> 00:05:01.800 They can be pretty dangerous they're exploited, and that's where 110 00:05:01.839 --> 00:05:04.519 Pearl comes in. You can use it to both find 111 00:05:04.600 --> 00:05:06.120 and exploit these vulnerabilities. 112 00:05:06.639 --> 00:05:09.879 I remember reading about blind sequel injection. It sounded like 113 00:05:09.920 --> 00:05:11.360 something right out of a spy movie. 114 00:05:11.399 --> 00:05:14.639 Ha huh. It's a bit like that. Wine squel injection 115 00:05:14.759 --> 00:05:18.439 is used when attackers can't directly see any error messages 116 00:05:18.480 --> 00:05:21.240 from the database. Think of it like trying to open 117 00:05:21.240 --> 00:05:24.279 a combination lock just by listening to those clicks of 118 00:05:24.279 --> 00:05:26.040 the tumblers as you're turning the dial. 119 00:05:26.240 --> 00:05:28.360 So they're sending queries and trying to figure out if 120 00:05:28.360 --> 00:05:31.160 they're on the right track based on how the application risponds. 121 00:05:31.279 --> 00:05:34.759 Exactly. They're trying to piece together information about the database 122 00:05:34.839 --> 00:05:38.959 and eventually extract that data without setting off any alarms. 123 00:05:39.079 --> 00:05:41.040 And you can use Pearl to automate this. 124 00:05:41.360 --> 00:05:44.759 Oh yeah, Pearl's really good at handling strings and manipulating data, 125 00:05:44.800 --> 00:05:47.079 so it's great for making those SEQL queries and then 126 00:05:47.079 --> 00:05:48.399 interpreting the responses. 127 00:05:48.600 --> 00:05:52.519 I see, very strategic. Okay, let's switch gears again. Talk 128 00:05:52.560 --> 00:05:56.240 about wireless networks. I've always felt like Wi Fi is 129 00:05:56.279 --> 00:05:58.240 inherently less secure? Am I wrong? 130 00:05:58.480 --> 00:06:02.240 Wireless networks definitely have their own challenges. The older security 131 00:06:02.279 --> 00:06:05.040 protocols especially, can be full of vulnerabilities. 132 00:06:05.360 --> 00:06:09.600 The book mentions deauthentication attacks. Are those as simple as 133 00:06:09.639 --> 00:06:10.120 they sound? 134 00:06:10.439 --> 00:06:11.720 They're surprisingly simple. 135 00:06:11.839 --> 00:06:12.160 Yeah. 136 00:06:12.360 --> 00:06:15.800 Basically, you send these specially crafted packets that force clients 137 00:06:15.800 --> 00:06:19.079 to disconnect from the network. Imagine cutting the phone lines 138 00:06:19.120 --> 00:06:20.319 before you break into a house. 139 00:06:20.600 --> 00:06:23.720 Wow, that's a good analogy. And once they're disconnected, they're 140 00:06:23.839 --> 00:06:27.560 even more vulnerable, right, especially when they try to reconnect Exactly. 141 00:06:27.920 --> 00:06:30.519 Now, the book goes really deep into the eight oh 142 00:06:30.600 --> 00:06:33.160 two point all one protocol you know the tech behind 143 00:06:33.160 --> 00:06:35.759 Wi Fi, and shows how you can use Perl to 144 00:06:35.839 --> 00:06:38.639 analyze and even manipulate those wireless packets. 145 00:06:38.879 --> 00:06:41.720 Okay, last thing for today, let's talk passwords. I know 146 00:06:41.800 --> 00:06:44.600 cracking passwords can be tough. Is it mostly just broof 147 00:06:44.680 --> 00:06:45.240 forcing them? 148 00:06:45.399 --> 00:06:48.319 It's more of a mix of probability and processing power. 149 00:06:48.360 --> 00:06:51.519 A lot of times we're talking about offline attacks, like 150 00:06:51.600 --> 00:06:54.279 when attackers have gotten those password hashes. 151 00:06:54.079 --> 00:06:55.360 Right, I remember reading about those. 152 00:06:55.439 --> 00:06:58.759 So those hashes are like one way transformations of the passwords. 153 00:06:58.800 --> 00:07:00.680 They're not the passwords themselves, gotcha. 154 00:07:00.759 --> 00:07:02.639 So how do they actually crack the hashes? 155 00:07:03.240 --> 00:07:07.160 A couple of ways. You've got dictionary attacks. They use 156 00:07:07.240 --> 00:07:11.839 lists of common passwords and brute force methods, which basically 157 00:07:11.839 --> 00:07:15.639 try every single combination of characters. Both of these methods 158 00:07:15.680 --> 00:07:18.160 rely on hashing those potential passwords and seeing if they 159 00:07:18.240 --> 00:07:19.240 match the stolen ones. 160 00:07:19.360 --> 00:07:21.720 It's like trying every key on a giant key ring 161 00:07:21.800 --> 00:07:23.399 until one fits exactly. 162 00:07:23.519 --> 00:07:26.120 And how long it takes depends on how complex the 163 00:07:26.120 --> 00:07:28.959 passwords are and the hashing algorithm that was used. 164 00:07:29.399 --> 00:07:32.000 The book mentioned a couple algorithms, SAHA one and MD 165 00:07:32.120 --> 00:07:33.680 five are those still used today. 166 00:07:34.160 --> 00:07:36.959 MB five is pretty much a relic now super weak 167 00:07:37.160 --> 00:07:40.240 SAHA one is still out there, but it's showing its age. 168 00:07:40.600 --> 00:07:42.680 The book also shows you how to use Pearl to 169 00:07:42.759 --> 00:07:46.439 crack WPA two passwords by looking at captured handshake packets. 170 00:07:46.639 --> 00:07:48.879 You know how devices establish that secure connection. 171 00:07:49.040 --> 00:07:50.240 That sounds super advanced. 172 00:07:50.279 --> 00:07:52.920 It can be, but the basic idea is to capture 173 00:07:52.959 --> 00:07:55.759 those packets, analyze them with Pearl, and try to get 174 00:07:55.800 --> 00:07:58.319 that pre shared key that's used to encrypt the traffic. 175 00:07:58.560 --> 00:08:01.399 Gotcha. Okay, let's talk about social engineering. This is where 176 00:08:01.439 --> 00:08:02.879 the human element comes in, right, Yeah. 177 00:08:02.920 --> 00:08:06.160 Absolutely. It's all about manipulating people to gain access to 178 00:08:06.399 --> 00:08:08.160 systems or information, so. 179 00:08:08.079 --> 00:08:12.079 Like phishing emails, fake websites, even messing with social media accounts, 180 00:08:12.160 --> 00:08:12.519 all of that. 181 00:08:12.639 --> 00:08:15.759 Yeah, it's kind of scary how attackers can use psychology 182 00:08:15.839 --> 00:08:17.480 to get around those security measures. 183 00:08:17.800 --> 00:08:20.560 The book talks about how peerl can automate some of 184 00:08:20.600 --> 00:08:24.040 these social engineering tasks. What's an example of that. 185 00:08:24.120 --> 00:08:26.120 Well, imagine you want to send out a ton of 186 00:08:26.160 --> 00:08:29.800 phishing emails. You can use Perl to make each email 187 00:08:29.839 --> 00:08:33.360 seem personalized so they're more convincing. You can even use 188 00:08:33.360 --> 00:08:36.600 Pearl to clone websites and make those fake login pages 189 00:08:36.639 --> 00:08:39.080 that look almost exactly like the real thing. 190 00:08:39.159 --> 00:08:42.000 So sneaky. It's not just about technical skills, it's about 191 00:08:42.240 --> 00:08:44.320 knowing how people think exactly. 192 00:08:44.399 --> 00:08:46.399 And that's why it's so important to think about the 193 00:08:46.440 --> 00:08:49.720 ethical side of social engineering when you're pen testing, you know, 194 00:08:49.799 --> 00:08:52.159 understanding the impact and always being responsible. 195 00:08:52.320 --> 00:08:56.960 Okay, so we found vulnerabilities, tested exploits, gathered tons of data. 196 00:08:57.200 --> 00:09:00.399 What happens next, time to write it all up. Recording 197 00:09:00.639 --> 00:09:02.200 is a key part of pen testing. 198 00:09:02.440 --> 00:09:04.960 Makes sense. You've got to communicate your findings in a 199 00:09:04.960 --> 00:09:05.960 way that's clear and. 200 00:09:05.919 --> 00:09:09.320 Makes sense exactly. And guess what Pearl can help with 201 00:09:09.360 --> 00:09:12.360 that too. Perl is great at processing texts, so it's 202 00:09:12.360 --> 00:09:14.480 perfect for making all those different kinds of reports. You 203 00:09:14.480 --> 00:09:18.679 can make text files csvs HTML for those web reports, 204 00:09:19.320 --> 00:09:22.159 even PDFs if you need to make things super official. 205 00:09:23.039 --> 00:09:25.320 I can definitely see how that would be helpful to 206 00:09:25.480 --> 00:09:28.080 organize all of that data and present it in a 207 00:09:28.120 --> 00:09:31.399 way that clients understand. The book even mentioned using Pearl 208 00:09:31.480 --> 00:09:34.200 to add visual elements to the report. 209 00:09:34.279 --> 00:09:37.360 Oh yeah, for sure. Imagine making graphs and charts right 210 00:09:37.360 --> 00:09:41.000 there in your report, stuff like vulnerability counts, or even 211 00:09:41.039 --> 00:09:44.080 those attack paths. Maybe a visual that shows the whole 212 00:09:44.120 --> 00:09:48.200 security posture of the target. Clients really love visuals. 213 00:09:47.840 --> 00:09:50.679 Absolutely makes it much easier to digest all that info. 214 00:09:51.000 --> 00:09:53.480 Speaking of digging for information, the book had a section 215 00:09:53.639 --> 00:09:57.720 on using Perl for what they called DNS enumeration. What 216 00:09:57.840 --> 00:09:58.600 is that exactly? 217 00:09:58.679 --> 00:10:00.840 Okay, so think of it like being detective, but you're 218 00:10:00.840 --> 00:10:04.120 trying to find all those secret rooms in a mansion. 219 00:10:04.159 --> 00:10:05.639 Maybe Okay, I like that analogy. 220 00:10:05.799 --> 00:10:09.120 Yeah, So DNS enumeration is all about sending queries to 221 00:10:09.200 --> 00:10:12.480 DNS servers trying to get information about the target domain, 222 00:10:12.879 --> 00:10:17.879 things like IP addresses, mail servers, and even some hidden subdomains. 223 00:10:17.919 --> 00:10:21.440 Hidden subdomains, that sounds interesting. Why would they be hidden 224 00:10:21.559 --> 00:10:23.399 and what kind of information could they lead to? 225 00:10:23.639 --> 00:10:26.879 Sometimes they're like accidental leftovers from when the website was 226 00:10:26.919 --> 00:10:30.399 being built. Oh like jump tours, Yeah exactly. They might 227 00:10:30.480 --> 00:10:33.480 have old versions of web applications on them, or even 228 00:10:33.559 --> 00:10:36.879 internal systems that accidentally got exposed to the whole Internet. 229 00:10:37.240 --> 00:10:39.559 Finding those can be a huge win, So. 230 00:10:39.559 --> 00:10:41.480 It's like striking gold pretty much. 231 00:10:42.000 --> 00:10:45.360 The book gave an example of using the net DNS 232 00:10:45.399 --> 00:10:49.120 module to basically brute force those subdomains broote forcing them. 233 00:10:49.360 --> 00:10:50.159 How does that work. 234 00:10:50.279 --> 00:10:52.759 It's like generating a big list of all the possible 235 00:10:52.799 --> 00:10:55.799 subdomains and then sending a query for every single one 236 00:10:55.840 --> 00:10:57.480 of them to the DNS server. 237 00:10:57.639 --> 00:10:59.399 So like trying a ton of keys to see which 238 00:10:59.399 --> 00:11:00.960 ones fit the exactly. 239 00:11:01.320 --> 00:11:03.559 Okay, So let's say we've gathered all this intel and 240 00:11:03.600 --> 00:11:06.360 we have a good map of the target network. What's 241 00:11:06.399 --> 00:11:09.039 the next step in appentist. 242 00:11:08.440 --> 00:11:09.960 What do we do with all that info? 243 00:11:10.399 --> 00:11:13.480 We dive into service discovery, start poking around and seeing 244 00:11:13.480 --> 00:11:16.159 what services are actually running on the systems we've found. 245 00:11:16.320 --> 00:11:19.039 So after finding the doors, we're checking if they're unlocked. 246 00:11:19.320 --> 00:11:21.320 Yeah, that's a great way to put it. We're looking 247 00:11:21.360 --> 00:11:25.759 for things like web servers, mail servers, file sharing services, 248 00:11:26.000 --> 00:11:28.559 really anything that might have a weakness we can exploit. 249 00:11:29.240 --> 00:11:32.440 One technique the book mentioned is banner grabbing. 250 00:11:32.639 --> 00:11:33.720 Banner grabbing, What's that? 251 00:11:33.840 --> 00:11:36.080 It's a super quick and easy way to get a 252 00:11:36.120 --> 00:11:39.120 basic overview of what's running on a specific port. 253 00:11:39.399 --> 00:11:40.759 How do you actually grab a banner? 254 00:11:40.879 --> 00:11:43.759 You send a special request to the service and then 255 00:11:43.840 --> 00:11:46.320 look at the response. We're looking for clues like the 256 00:11:46.360 --> 00:11:48.240 software name and the version number. 257 00:11:48.480 --> 00:11:51.279 That's smart. So if you can find an outdated or 258 00:11:51.399 --> 00:11:54.720 vulnerable service, you know exactly where to focus your attack. 259 00:11:54.960 --> 00:11:59.039 Bingo. It's like having a blueprint for the attack. Now 260 00:11:59.120 --> 00:12:01.320 let's talk about something, and it's become a huge target 261 00:12:01.360 --> 00:12:05.320 for attackers. Web applications web apps. 262 00:12:05.120 --> 00:12:08.399 Are basically everywhere, and they can be a real security 263 00:12:08.480 --> 00:12:09.720 nightmare if they weren't built right. 264 00:12:09.960 --> 00:12:13.519 That's true. Web apps often have those vulnerabilities that attackers 265 00:12:13.519 --> 00:12:16.200 can use to get sensitive data or even take control 266 00:12:16.240 --> 00:12:19.399 of the whole system. SQL injection is a common one, 267 00:12:19.440 --> 00:12:21.639 and the book goes into a lot of detail about it. 268 00:12:21.720 --> 00:12:24.000 I've heard of that it sounds like a really clever 269 00:12:24.080 --> 00:12:25.799 way to get around security measures. 270 00:12:25.960 --> 00:12:28.720 It is. It targets web forms that were designed or 271 00:12:28.759 --> 00:12:32.840 coded poorly. The attacker messes with those input fields and 272 00:12:32.879 --> 00:12:36.080 they inject malicious code that the database then runs. 273 00:12:36.399 --> 00:12:39.480 So they're tricking the database into doing something it shouldn't. 274 00:12:39.759 --> 00:12:42.799 Yeah, pretty much. The book has this example of using 275 00:12:42.879 --> 00:12:46.840 Perl in a module called LWP user Agent to actually 276 00:12:46.879 --> 00:12:50.360 exploit one of those vulnerable forms. It showed how attackers 277 00:12:50.360 --> 00:12:53.000 can get data from a database even when you don't 278 00:12:53.000 --> 00:12:56.600 see any error messages. They call that blind sequel injection. 279 00:12:56.480 --> 00:12:59.200 Blind sequel injection. It sounds like reading someone's mind without 280 00:12:59.200 --> 00:12:59.600 them knowing. 281 00:13:00.360 --> 00:13:03.320 Yeah, kind of. The attacker has to ask all these 282 00:13:03.360 --> 00:13:06.759 indirect questions and really pay attention to how the application responds. 283 00:13:06.799 --> 00:13:08.279 Wow, that sounds super challenging. 284 00:13:08.600 --> 00:13:11.559 It is, but Perl can help a lot because it's 285 00:13:11.559 --> 00:13:15.240 so good with string handling and manipulating data. It's all 286 00:13:15.279 --> 00:13:17.200 about precision and being strategic. 287 00:13:17.759 --> 00:13:20.879 It all makes sense. So what about cross site scripting? 288 00:13:20.919 --> 00:13:23.240 I know that's another big web app vulnerability. 289 00:13:23.320 --> 00:13:27.799 Cross site scripting or XSS is how attackers slip malicious 290 00:13:27.879 --> 00:13:31.080 JavaScript code into a web page that other people will see. 291 00:13:31.159 --> 00:13:33.200 Oh, I see. So they're like setting a trap on 292 00:13:33.279 --> 00:13:35.159 the website for someone else to fall into. 293 00:13:35.279 --> 00:13:38.519 Yeah, exactly, And then when someone visits that page, their 294 00:13:38.559 --> 00:13:41.679 browser runs that malicious code, which could do a lot 295 00:13:41.720 --> 00:13:42.320 of damage. 296 00:13:42.360 --> 00:13:44.320 Like what kind of davature are we talking about. 297 00:13:44.519 --> 00:13:46.960 It could steal their login info, send them to a 298 00:13:47.000 --> 00:13:50.279 fake website, even give the attacker control of their whole browser. 299 00:13:50.559 --> 00:13:51.519 That sounds pretty bad. 300 00:13:51.600 --> 00:13:53.960 It can be, Yeah, and you can use Pearl to 301 00:13:54.039 --> 00:13:59.519 automate finding and exploiting those EXSS vulnerabilities. Really like how 302 00:13:59.639 --> 00:14:01.440 the book kind of whole Pearl script for it. It 303 00:14:01.440 --> 00:14:04.720 could scan a website and look for possible vulnerabilities, even 304 00:14:04.759 --> 00:14:07.240 craft those malicious codebits to inject. 305 00:14:07.519 --> 00:14:11.639 Wow, Pearl is really versatile. The book also mentioned file 306 00:14:11.639 --> 00:14:17.639 inclusion vulnerabilities, specifically local file inclusion LFI and remote file 307 00:14:17.679 --> 00:14:20.960 inclusion RFI. What's the difference between those two? 308 00:14:21.240 --> 00:14:24.639 Both of them exploit vulnerabilities that let attackers trick the 309 00:14:24.639 --> 00:14:28.120 web server into including files it shouldn't. It's like convincing 310 00:14:28.120 --> 00:14:30.279 the server to read a file it doesn't have access to. 311 00:14:30.600 --> 00:14:32.840 Okay, I'm falling so far. What kind of problems could 312 00:14:32.840 --> 00:14:33.159 that cause? 313 00:14:33.240 --> 00:14:36.519 Attackers could get into sensitive files, run their own malicious code, 314 00:14:36.600 --> 00:14:38.200 or even take over the entire server. 315 00:14:38.480 --> 00:14:42.240 Yikes. So what's the difference between LiFi and RFI. 316 00:14:42.320 --> 00:14:44.480 The difference is where those files are located. 317 00:14:44.720 --> 00:14:47.720 So LiFi is when the attacker tries to get a 318 00:14:47.759 --> 00:14:48.559 file that's already on. 319 00:14:48.559 --> 00:14:51.480 The server exactly. It's like sneaking into a restricted area 320 00:14:51.519 --> 00:14:52.080 in a building. 321 00:14:52.159 --> 00:14:53.440 Okay, So then what's RFI. 322 00:14:54.120 --> 00:14:56.600 RFI means they're trying to include a file from a 323 00:14:56.639 --> 00:14:59.799 remote server, one that they control, like calling in back 324 00:14:59.879 --> 00:15:00.759 up from outside. 325 00:15:01.240 --> 00:15:03.519 I get it. So they're bringing in their own tool yep. 326 00:15:03.600 --> 00:15:07.039 Pretty much The book had an example of using Pearl 327 00:15:07.159 --> 00:15:10.960 to exploit an LFI vulnerability to actually get into the 328 00:15:11.159 --> 00:15:13.639 etceterpass rid file on a Linux server. 329 00:15:13.919 --> 00:15:15.519 Wait, what's that? What's in that file? 330 00:15:15.720 --> 00:15:19.879 Oh, that one's a gold mine. It's got usernames, home directories, 331 00:15:20.039 --> 00:15:24.080 sometimes even encrypted passwords. If an attacker can get into that, 332 00:15:24.080 --> 00:15:25.320 that's a huge win for them. 333 00:15:25.440 --> 00:15:28.120 That makes sense. The book also had an example about 334 00:15:28.320 --> 00:15:31.360 RFI using it to run PHP code on the server. 335 00:15:31.519 --> 00:15:34.799 Oh yeah, that's super dangerous. RFI gives attackers a ton 336 00:15:34.879 --> 00:15:37.679 of control. It's like planting a bomb and setting it 337 00:15:37.720 --> 00:15:38.600 off whenever they want. 338 00:15:38.799 --> 00:15:41.559 That is terrifying. Okay, let's move on to something else. 339 00:15:41.600 --> 00:15:46.159 I'm really curious about packet capturing an analysis. What is 340 00:15:46.240 --> 00:15:47.159 that all about. 341 00:15:47.360 --> 00:15:51.679 It's basically like grabbing those raw network profit snapshots as 342 00:15:51.679 --> 00:15:55.759 they're passing through a network interface. Imagine listening in on 343 00:15:55.960 --> 00:15:59.639 all the digital conversations happening around you. Pearl is super 344 00:15:59.679 --> 00:16:02.879 helpful for analyzing and messing with that captured data. 345 00:16:03.000 --> 00:16:05.200 Yeah, the book had a whole section on using Perl 346 00:16:05.279 --> 00:16:08.159 to pick apart those TCP packets. It seemed pretty technical. 347 00:16:08.320 --> 00:16:10.840 It is, you need to understand those network protocols. And 348 00:16:10.879 --> 00:16:13.759 how those packets are structured. But Perl makes it easier 349 00:16:13.759 --> 00:16:16.759 to do that suck well. Perl has special modules for it, 350 00:16:16.960 --> 00:16:21.919 like netpacket dot Ethernet, netpacket dot IP, and netpacket dot TCP. 351 00:16:22.080 --> 00:16:25.000 They can all decode the different layers of a TCP. 352 00:16:24.720 --> 00:16:28.519 Packet, like having a secret decoder ring for network traffic exactly. 353 00:16:28.879 --> 00:16:31.960 You can see all those individual fields inside the packet heather, 354 00:16:32.120 --> 00:16:35.879 things like the IP addresses, port numbers, those sequence numbers, 355 00:16:36.240 --> 00:16:39.320 even the TCP flags that control how that connection flows. 356 00:16:39.399 --> 00:16:42.279 It's amazing how much information is hidden in there. The 357 00:16:42.279 --> 00:16:45.039 book had an example about using Pearl to pull data 358 00:16:45.080 --> 00:16:47.919 from an HTTP packet that was captured in the man 359 00:16:47.960 --> 00:16:48.720 in the middle attack. 360 00:16:48.840 --> 00:16:51.360 Oh yeah, Man in the middle attacks are sneaky. That's 361 00:16:51.399 --> 00:16:54.519 when someone's listening in on a conversation, maybe even changing 362 00:16:54.600 --> 00:16:56.519 it without the other two parties knowing. 363 00:16:56.399 --> 00:16:57.480 Like tapping a phone line. 364 00:16:57.519 --> 00:17:00.960 Exactly. By capturing and then analyzing those packets, you can 365 00:17:01.000 --> 00:17:05.839 see all the information that's being shared, including things like usernames, passwords, 366 00:17:05.880 --> 00:17:07.240 maybe even financial info. 367 00:17:07.599 --> 00:17:09.799 It's scary how easy it is to snoop these days. 368 00:17:10.279 --> 00:17:14.079 What about HTTPS? Doesn't that encrypt everything, making it harder 369 00:17:14.119 --> 00:17:14.920 to spy. 370 00:17:15.000 --> 00:17:17.559 It does make it tougher, but there are still ways 371 00:17:17.640 --> 00:17:20.200 for attackers to get around it. The book mentioned a 372 00:17:20.240 --> 00:17:24.279 tool called SSL strip, which can downgrade that HTTPS connection 373 00:17:24.400 --> 00:17:28.880 to regular HTTP. Suddenly, all that traffic is vulnerable. 374 00:17:28.440 --> 00:17:31.359 Again, so they trick the website and the user into 375 00:17:31.400 --> 00:17:35.480 thinking they're having a private conversation when really they're broadcasting 376 00:17:35.519 --> 00:17:36.920 everything exactly. 377 00:17:37.119 --> 00:17:39.680 It's super important to always be aware of these attacks 378 00:17:39.920 --> 00:17:43.759 and make sure you're only connecting to websites using that HTTPS. 379 00:17:44.359 --> 00:17:46.519 Look for that little lock icon in the address bar. 380 00:17:46.799 --> 00:17:50.039 Good advice. Okay, what about wireless attacks? Those seem like 381 00:17:50.079 --> 00:17:51.079 a whole different category. 382 00:17:51.240 --> 00:17:54.480 They are. Wireless networks have their own set of security problems. 383 00:17:54.559 --> 00:17:56.480 Remember those deauthentication attacks. 384 00:17:56.200 --> 00:17:58.680 We talked about, Yeah, kicking everyone off the network sounds 385 00:17:58.720 --> 00:18:00.039 pretty disruptive. 386 00:17:59.559 --> 00:18:01.960 Oh it is. The book showed how attackers can use 387 00:18:02.000 --> 00:18:05.279 Pearl and a tool called air cracking to create those 388 00:18:05.319 --> 00:18:06.759 deauthentication packets. 389 00:18:06.839 --> 00:18:11.079 That's powerful. What about actually cracking those WEP and WPA 390 00:18:11.160 --> 00:18:14.200 two passwords? Those are what secure most Wi Fi. 391 00:18:14.039 --> 00:18:18.559 Networks, right they are WEP or wired equivalent privacy is 392 00:18:18.559 --> 00:18:22.039 an older one that's not very secure anymore. WPA two, 393 00:18:22.200 --> 00:18:24.960 which stands for Wi Fi Protected Access to is the 394 00:18:25.079 --> 00:18:28.039 current standard and it's way more secure, but it can 395 00:18:28.079 --> 00:18:28.799 still be broken. 396 00:18:29.480 --> 00:18:32.119 How do they do that? How do attackers crack those passwords? 397 00:18:32.279 --> 00:18:35.279 For WPA two, it's all about capturing that four way 398 00:18:35.279 --> 00:18:38.880 handshake when a device is connecting to the network. Once 399 00:18:38.920 --> 00:18:41.200 they have that, they can try brute forcing it or 400 00:18:41.279 --> 00:18:43.799 using a dictionary attack to guess the password. 401 00:18:43.880 --> 00:18:46.000 The book showed how to use Pearl and Air cracking 402 00:18:46.039 --> 00:18:48.519 for that. How long does it usually take to crack 403 00:18:48.519 --> 00:18:49.119 a password? 404 00:18:49.279 --> 00:18:51.759 It really depends on how strong the password is. The 405 00:18:51.920 --> 00:18:54.960 longer and more complex it is, the harder it is 406 00:18:55.000 --> 00:18:55.440 to crack. 407 00:18:55.640 --> 00:18:58.319 That's why it's so important to have those strong passwords. Okay, 408 00:18:58.319 --> 00:19:00.440 we've covered a lot today. We talked about network tacks, 409 00:19:00.480 --> 00:19:04.240 web applications, and wireless attacks. What about social engineering? Isn't 410 00:19:04.279 --> 00:19:07.359 that all about taking advantage of people's weaknesses? It is. 411 00:19:07.400 --> 00:19:10.400 It's about manipulating people to get into systems or information. 412 00:19:10.839 --> 00:19:14.240 It's amazing how attackers can use psychology to get around security. 413 00:19:14.839 --> 00:19:17.039 The book showed how you can use Perl for those 414 00:19:17.039 --> 00:19:20.519 social engineering tasks. What would be a good example of that. 415 00:19:21.039 --> 00:19:23.680 Imagine you want to send out a bunch of phishing emails. 416 00:19:24.319 --> 00:19:27.319 You could use Perl to make each email look personalized 417 00:19:27.319 --> 00:19:30.480 so it seems more believable. You can even clone websites 418 00:19:30.519 --> 00:19:33.119 and make those fake login pages that look just like 419 00:19:33.160 --> 00:19:33.920 the real deal. 420 00:19:34.279 --> 00:19:36.880 It's pretty sneaky. It's not just about being technical. You 421 00:19:36.960 --> 00:19:39.359 have to understand how people think and what makes them. 422 00:19:39.200 --> 00:19:42.680 Trust things exactly. That's why the ethics of social engineering 423 00:19:42.720 --> 00:19:45.400 are super important. In pen testing, you have to understand 424 00:19:45.400 --> 00:19:47.240 the impact and always be responsible. 425 00:19:47.279 --> 00:19:50.640 Okay, after all that testing and gathering information, what's the 426 00:19:50.640 --> 00:19:52.279 next step you have to put it all together? Right? 427 00:19:52.359 --> 00:19:55.400 Yeah, we call that the penetration testing report. It's really important. 428 00:19:55.519 --> 00:19:58.000 That's how you explain everything you found and give recommendations 429 00:19:58.000 --> 00:19:59.200 to the client exactly. 430 00:20:00.000 --> 00:20:02.440 And the book talked a lot about how those reports 431 00:20:02.480 --> 00:20:05.119 need to be written for the audience. A report for 432 00:20:05.160 --> 00:20:07.359 a tech team is going to look a lot different 433 00:20:07.440 --> 00:20:08.920 than one for the executives. 434 00:20:09.119 --> 00:20:11.400 So the technical one gets into all the details, right, 435 00:20:11.599 --> 00:20:15.680 the vulnerabilities, the exploits, and the steps to fix them exactly. 436 00:20:15.920 --> 00:20:18.480 But for the executives, it's more about the big picture, 437 00:20:19.240 --> 00:20:22.799 the overall risk to the organization. What could happen if 438 00:20:22.839 --> 00:20:25.400 there's a breach and the high level things they need 439 00:20:25.440 --> 00:20:26.200 to do to fix it. 440 00:20:26.599 --> 00:20:29.000 So making sure everyone gets the right info in a 441 00:20:29.000 --> 00:20:32.079 way that's easy to understand. Can you use Pearl to 442 00:20:32.160 --> 00:20:33.039 make these reports? 443 00:20:33.119 --> 00:20:36.759 Oh? Yeah, for sure. Pearl can pull data from different sources, 444 00:20:37.000 --> 00:20:39.880 organize it, and even make those charts and graphs to 445 00:20:39.920 --> 00:20:41.200 make things super clear. 446 00:20:41.519 --> 00:20:44.720 Visuals are always helpful. A picture really is worth a 447 00:20:44.759 --> 00:20:47.880 thousand words. Now. Something we've talked about a lot during 448 00:20:47.880 --> 00:20:50.960 this deep dive is ethical hacking. It sounds kind of 449 00:20:51.000 --> 00:20:52.240 like a contradiction, I. 450 00:20:52.240 --> 00:20:55.920 Know, right. Ethical hacking is all about finding vulnerabilities and 451 00:20:55.960 --> 00:20:58.559 telling the company about them so they can improve their security. 452 00:20:59.000 --> 00:21:01.599 It's like being a security consultant who can actually show 453 00:21:01.640 --> 00:21:03.079 them their weaknesses. 454 00:21:02.920 --> 00:21:05.480 Like showing someone how their luck could be picked so 455 00:21:05.480 --> 00:21:06.039 they can get a. 456 00:21:05.960 --> 00:21:09.720 Stronger one exactly. But it's important to remember that ethical 457 00:21:09.759 --> 00:21:12.400 hackers have to play by the rules. They need to 458 00:21:12.440 --> 00:21:15.839 be respectful of the client's systems and data, always get 459 00:21:15.880 --> 00:21:19.160 permission before doing any testing, and be totally honest about 460 00:21:19.200 --> 00:21:19.759 what they find. 461 00:21:19.920 --> 00:21:22.599 So it's about using your skills for good, helping those 462 00:21:22.720 --> 00:21:24.799 organizations stay ahead of the bad guys. 463 00:21:25.079 --> 00:21:27.880 Exactly. Well, this takes us to the end of part 464 00:21:27.920 --> 00:21:30.640 two of our deep dive into pen testing with Pearl. 465 00:21:31.640 --> 00:21:34.559 We've covered a lot of ground exploring how this language, 466 00:21:34.559 --> 00:21:37.319 which you might not expect, has become a key player 467 00:21:37.400 --> 00:21:38.799 in the world of cybersecurity. 468 00:21:39.039 --> 00:21:41.319 It's pretty amazing how many ways you can use Peerl 469 00:21:41.319 --> 00:21:45.400 for this. We talked about network recon social engineering, web 470 00:21:45.440 --> 00:21:48.759 app attacks, even incident response, and of course the ethical 471 00:21:48.799 --> 00:21:49.440 side of things. 472 00:21:49.599 --> 00:21:52.400 Yeah, Perl might not be the most glamorous language out there, 473 00:21:52.400 --> 00:21:55.759 but it's super flexible. Plus, it's a pro at manipulating text, 474 00:21:56.000 --> 00:21:58.039 and it's got this huge collection of modules. It's a 475 00:21:58.039 --> 00:21:59.599 great fit for security tasks. 476 00:22:00.160 --> 00:22:02.440 To our listeners, we challenge you to take what you've 477 00:22:02.480 --> 00:22:06.160 learned here and start exploring Pearl and cybersecurity on your own. 478 00:22:06.480 --> 00:22:09.759 Play around with the tools, try writing your own scripts, 479 00:22:09.880 --> 00:22:12.680 and never stop learning. You might be surprised by what 480 00:22:12.720 --> 00:22:13.119 you can do. 481 00:22:13.680 --> 00:22:16.720 That's great advice. We'll be right back for the third 482 00:22:16.799 --> 00:22:19.240 and final part of our deep dive into pent testing 483 00:22:19.319 --> 00:22:22.599 with Pearl, so don't go anywhere all right back for 484 00:22:22.680 --> 00:22:25.640 the final part of our Pearl powered cybersecurity deep dive. 485 00:22:27.240 --> 00:22:29.400 You know, I've been thinking about your question from earlier, 486 00:22:29.440 --> 00:22:32.359 which one was that about how someone can actually use 487 00:22:32.400 --> 00:22:34.960 peerl to improve their cybersecurity skills. 488 00:22:35.079 --> 00:22:38.920 Ah right, it's a good question, makes you think it does. 489 00:22:39.279 --> 00:22:41.759 What really stands out to me about Pearl is how 490 00:22:41.799 --> 00:22:44.759 flexible it is. You can automate all those boring tasks, 491 00:22:44.880 --> 00:22:47.759 get into data analysis, even make your own security tools. 492 00:22:47.799 --> 00:22:50.200 You're right, that's what makes it so unique. Building those 493 00:22:50.319 --> 00:22:53.000 custom tools. It's like having a secret weapon. 494 00:22:52.920 --> 00:22:54.680 Exactly, like no one else has it. 495 00:22:54.839 --> 00:22:57.519 One area where custom tools are a game changer is 496 00:22:57.680 --> 00:23:01.960 incident response. You know, when there's security breach, every second counts. 497 00:23:02.000 --> 00:23:03.920 I can imagine you have to figure out what happened, 498 00:23:04.240 --> 00:23:06.519 try to stop the damage, and then figure out how 499 00:23:06.559 --> 00:23:07.200 they got in. 500 00:23:07.720 --> 00:23:10.119 Sounds intense, like a digital fire drill. 501 00:23:10.440 --> 00:23:13.279 It can be, But you can use Perl to help 502 00:23:13.319 --> 00:23:16.400 you go through all those huge log files, connect the 503 00:23:16.440 --> 00:23:20.640 dots between different events, find those suspicious activities. It can 504 00:23:20.720 --> 00:23:24.200 even help you contain the breach by like shutting off 505 00:23:24.240 --> 00:23:25.559 those compromise systems. 506 00:23:25.680 --> 00:23:27.559 So it's like having a high tech detective on the 507 00:23:27.559 --> 00:23:28.599 case exactly. 508 00:23:28.759 --> 00:23:31.680 Yeah, speaking of detective works, something we haven't really talked 509 00:23:31.680 --> 00:23:37.240 about is how important documentation is, especially those penetration testing reports. 510 00:23:37.559 --> 00:23:41.119 It's not just about finding the vulnerabilities, it's about explaining 511 00:23:41.160 --> 00:23:42.599 them in a way that makes sense. 512 00:23:42.680 --> 00:23:45.400 Yeah. Those reports are how you tell the client what 513 00:23:45.440 --> 00:23:47.240 you found and what they need to fix. 514 00:23:47.599 --> 00:23:50.640 And the book really emphasizes that you need to write 515 00:23:50.680 --> 00:23:52.799 those reports for the people who are going to read them. 516 00:23:53.200 --> 00:23:55.200 A report for the tech team is going to be 517 00:23:55.400 --> 00:23:57.400 different from a report for the executives. 518 00:23:57.599 --> 00:23:59.200 So for the tech people, you'd go into all the 519 00:23:59.200 --> 00:24:00.000 technical stuff. 520 00:24:00.079 --> 00:24:02.960 Yeah, like the specifics of the vulnerabilities, how we exploited them, 521 00:24:03.000 --> 00:24:05.559 and the step by step process for fixing. 522 00:24:05.200 --> 00:24:07.799 Them makes sense. What about for the executives? What would 523 00:24:07.839 --> 00:24:08.599 you include for them? 524 00:24:08.960 --> 00:24:11.680 For them, it's more about the big picture, like what's 525 00:24:11.759 --> 00:24:15.000 the overall risk to the company, what could happen if 526 00:24:15.000 --> 00:24:17.839 someone breaks in, and what are the major steps they 527 00:24:17.880 --> 00:24:18.880 need to take to fix it? 528 00:24:19.079 --> 00:24:21.640 Okay, I get it. So the tech team gets the 529 00:24:21.720 --> 00:24:25.000 nitty gritty details and the executives get the high level 530 00:24:25.039 --> 00:24:26.240 overview exactly. 531 00:24:26.279 --> 00:24:28.519 You have to make sure that everyone gets the right 532 00:24:28.599 --> 00:24:30.480 information in a way that they understand. 533 00:24:30.640 --> 00:24:33.200 Can PERL help with making those reports too, Oh. 534 00:24:33.119 --> 00:24:35.559 Yeah, definitely. You can use it to pull data from 535 00:24:35.640 --> 00:24:38.200 different places, put it all together, and even generate those 536 00:24:38.240 --> 00:24:40.039 charts and graphs to make it super clear. 537 00:24:40.440 --> 00:24:43.440 Visuals are always so helpful. They say a picture's worth 538 00:24:43.480 --> 00:24:47.480 a thousand words. Now, something we've been talking about throughout 539 00:24:47.480 --> 00:24:50.599 this whole deep dive is the idea of ethical hacking. 540 00:24:51.559 --> 00:24:53.000 It sounds a bit strange, doesn't it. 541 00:24:53.079 --> 00:24:56.119 I know, it's kind of a contradiction. But ethical hacking 542 00:24:56.160 --> 00:24:59.559 is all about finding those vulnerabilities and telling the company 543 00:24:59.559 --> 00:25:01.799 about them so they can improve their security. 544 00:25:02.599 --> 00:25:04.799 So it's kind of like being a good guy hacker. 545 00:25:04.960 --> 00:25:07.599 Yeah, like a security consultant who can show them exactly 546 00:25:07.640 --> 00:25:08.759 where their weaknesses are. 547 00:25:08.960 --> 00:25:11.240 It's like showing someone that their lock can be picked 548 00:25:11.480 --> 00:25:13.039 so they can replace it with a better one. 549 00:25:13.160 --> 00:25:15.960 Exactly. But ethical hackers have to have rules, you know. 550 00:25:16.079 --> 00:25:18.880 They have to be respectful of the client systems and data, 551 00:25:19.200 --> 00:25:21.680 always get permission before they do any testing, and be 552 00:25:21.799 --> 00:25:23.400 honest about everything they find. 553 00:25:23.519 --> 00:25:26.319 So using your powers for good basically exactly. 554 00:25:26.640 --> 00:25:28.279 Well, this brings us to the end of our deep 555 00:25:28.319 --> 00:25:31.319 dive into pen testing with Pearl. It's been a fun 556 00:25:31.400 --> 00:25:34.519 journey figuring out how a language you might not expect 557 00:25:34.519 --> 00:25:37.559 can be such a great tool in the world of cybersecurity. 558 00:25:37.680 --> 00:25:40.559 It's been an eye opener for sure. Who knew Pearl 559 00:25:40.680 --> 00:25:45.640 was so powerful. We covered so much network recon social engineering, 560 00:25:46.000 --> 00:25:50.359 those web app attacks, incident response, even the ethical side 561 00:25:50.359 --> 00:25:51.720 of things. It's been great. 562 00:25:51.880 --> 00:25:54.319 Perl might not be the most popular language, but it's 563 00:25:54.400 --> 00:25:57.759 definitely versatile. It's amazing at handling text, and it has 564 00:25:57.799 --> 00:26:00.279 a huge library of modules to choose from. It's a 565 00:26:00.319 --> 00:26:02.680 perfect match for all kinds of security work. 566 00:26:02.960 --> 00:26:05.440 So to everyone listening, we challenge you to take what 567 00:26:05.480 --> 00:26:09.039 you've learned and start exploring Perl and cybersecurity. 568 00:26:09.279 --> 00:26:12.680 Try out those tools, write your own scripts, and never 569 00:26:12.720 --> 00:26:14.920 stop learning. You never know what you might be able 570 00:26:14.920 --> 00:26:15.200 to do. 571 00:26:15.319 --> 00:26:18.400 That's great advice. Thanks for joining us on this deep dive, 572 00:26:18.440 --> 00:26:22.640 and remember, stay curious, stay safe, and keep exploring the 573 00:26:22.680 --> 00:26:23.799 world of cybersecurity.