The Hackers EDC bag

pry0cc · February 19, 2017, 9:35am

If the arking causes a flame on the cloth of the bag, your entire backpack will catch fire, which will ignite the magnesium in the macbook casing.

Spec-Tacular.

anon79434934 · February 19, 2017, 2:47pm

When I buy an EDC bag that is weather resistant I also expect it to be fire resistant.

-Phoenix750

VVid0w · February 19, 2017, 4:40pm

Ballistic Nylon though fam. It shouldn’t catch flame unless you chuck it in burning fire pit.

pry0cc · February 19, 2017, 10:07pm

Man. You are not cheaping out on this! I would probably go for a normal second hand bag to make it look less conspicuous.

Modify it and insert your own secret pockets.

anon79434934 · February 20, 2017, 7:51pm

Or just carry everything in your jacket like I do.

-Phoenix750

VVid0w · February 20, 2017, 8:35pm

Heh, jackets with loads of pockets. Cant go wrong there eh? I almost feel as though every one of us has one haha.

Neo · February 23, 2017, 12:47pm

The post I never knew I needed, but needed more than most others.

THANKS

Neo · March 13, 2017, 12:49pm

I only saw this recently, but I will definitely add this to my EDC:

N30N · March 16, 2017, 8:34pm

@anon79434934 Umm… How? Do you have a custom built jacket, or there’s one on the market with a bunch of pockets?

@VVid0w Sadly no

sprtn · March 16, 2017, 11:20pm

If any of you folks are interested in what I carry for my red team engagements:

NOTE: Entry tools are not legal everywhere. Before I go on an engagement, I make sure I know the relevant laws.

Bag

GoRuck GR1 - This bag is tough as nails, and big enough to carry all the gear I need. Whether I’m sneaking in late at night, crawling under fences, or talking my way into an office, I carry everything I need. It’s not flashy, so it doesn’t draw unwanted attention.

Important caveat: It has limited internal organization, so you need to buy additional pouches to keep your gear organized.

##Tech

MacBook Pro - No red teamer is complete without a trusty laptop. The build quality of the MacBook is second to none, even though I don’t know if I’ll buy the newest model. I have a 13" rMBP. It’s light, powerful enough to run my tools and a couple VMs, and solid enough that I know I won’t break it. Also lasts for ~8 hours on battery; you never know if there will be a power outlet.

USB Rubber Ducky - Always take advantage of unlocked workstations. I take three with me on engagements; and set them up to deliver the appropriate payloads for the target environment.

Proxmark3 - Used to clone RFID badges. Can’t break into an area? Clone an RFID badge and use that to get in. Not always cooperative, but always useful.

Anker PowerCore 20100 - Always have extra power for your phone or other mobile devices. The Anker PowerCore is up against the allowed limit for batteries you can take with you on an airplane, at 20,100 mAh. This will keep your devices charged for days.

Bash Bunny - Newly released, but incredibly useful. This is a very dangerous device, the big brother to the USB Rubber Ducky.

Alfa AWUS036NEH - The standard for wireless hacking. Cheap enough that you can afford to break one, and works with every OS out there.

WiFi Pineapple - A lot of people consider this a script kiddy tool, but it’s very useful for real red teaming as well. Karma attacks, wireless sniffing, MitM capabilities… You can be dangerous with one of these.

Flash drives - You never know when you’ll need to move files around. I keep at least 2x32GB flash drives with me.

External hard drive - Big enough to keep backups of my laptop if anything goes wrong. Never used for client data.

##Entry Tools
Under-door tool - Not a very well-known tool outside of the physical security space, but it’s incredibly useful in most office environments. Gets you into practically any lever-handled door, locked or not.

Compressed air - If you think there will be doors with REX (request to exit) sensors, compressed air is a simple way to trick the sensor. Turn the can upside down, and spray a cloud of cold propellant to trick the sensor.

Snap gun - My picking skills aren’t the greatest, but this makes up for that (somewhat). If I don’t want to take the time to pick a lock, and I can afford a bit of noise, this is a quick way to pick certain locks.

Lockpicks - Lockpicks are sometimes necessary to get into a target facility. I’m no pro, but I always keep a set with me on engagements.

##Miscellaneous

Notebook - Always be ready to write important details down, whether or not your laptop is out.

Flashlight - Always have a small, bright flashlight. When you’re operating at night, you may need to see where you’re going. Also helps if the power goes out.

T5557 RFID Cards - These cards allow you to emulate low-frequency RFID badges. These are what you write cloned badges to.

Mifare Chinese Magic Cards - Sometimes you’ll come across an organization that makes use of high-frequency Mifare RFID badges. These cards are rewriteable Mifare cards that let you clone Mifare badges.

That’s pretty much everything that I carry with me on my engagements; if I come up with something that I’ve forgotten, I’ll be sure to add it in.

SmartOne · March 17, 2017, 5:57pm

Very interesting read! The bash bunny is new to me, but looks very useful! In your opinion, how does it compare to the USB Armory? Do you have any experience with it?
Spec wise, the USB Armory has a newer CPU. Also, with it’s micro SD card slot it seems to be more expansible. I didn’t find the dimensions of the bash bunny, but from the pictures it looks more bulky. Can you confirm this?
I’m looking forward to hearing your opinion on that!

Sirius · March 17, 2017, 6:54pm

Breaking and Entering is also not legal everywhere. xD

I’m assuming you get a voucher from the company hiring your services before you go on an engagement? I know I always bring a “Get out of jail free card” everytime (I did this once…) i go on a red team engagement.

How do you go about dealing with the legalities of working an engagement that say, has only an office or two in a bigger building not owned by your client?

sprtn · March 17, 2017, 7:07pm

We always have a “get out of jail free card” when we’re doing physical security assessments or red team engagements. If the cops are called, you need to have evidence that you are doing this legally.

If the client doesn’t own the entire facility, we’ll coordinate with the building management when doing a physical security assessment or red team engagement.

pry0cc · March 18, 2017, 9:33am

I don’t have any experience with RFID tags. I’d love to know a little more about it. Care to write an article on how you can use them?

evg1 · March 18, 2017, 10:34am

Getting caught with a bunch of tech inside a building and getting caught with a bunch of tech and an illegal 9mm pistol can make an enourmous difference.

anon79434934 · March 19, 2017, 1:17pm

You can’t get caught if there is nobody alive to catch you.

-Phoenix750

anon79434934 · March 19, 2017, 1:20pm

@N30N Build your own! There are plenty of jackets for sale in cloth stores that have a lot of pockets on the inside (mostly those business jackets because the more pockets you have to store your credit cards, the fancier you are), and simply tape together wires from one pocket to the other.

-Phoenix750

kowalski · March 19, 2017, 2:59pm

laughing my fucking ass out because there is a 20 char limit.

Bowlslaw · June 6, 2017, 8:27pm

What about some kind of drone?

A small, quiet one? You film difficult-to-access, or inaccessible, areas quickly and safely. You could also, say, drop a prepared RPi or something similar into an area to extend your range.

N30N · June 13, 2017, 3:17pm

Most drones make enough noise to be recognized. Do you know any that wont?