Ever wonder what hacking as a career is like? One of the most well-known roles a hacker has in the workplace is Penetration Testing, also known as pentesting. Pentesting is active introspection of a network or computer to see what the vulnerabilities are. The goal of this is to be able to improve upon the security of a network by knowing where it is vulnerable.
There are many tools that penetration testers use - some examples of which are the USB Rubber Ducky and the WiFi Pineapple by Hak5. These are pieces of hardware that are used to test the security posture of people and devices. The USB Rubber Ducky looks like a regular USB, but when it is plugged into a computer it is registered as a keyboard instead. A series of keystrokes can be executed to do almost anything to a machine - as if an attacker were sitting at your keyboard.
The WiFI Pineapple tends to be used for a much more passive attack - this Rogue Access Point can spoof trusted domains to either capture or control your entire Internet activity. These rogue APs are very difficult to detect without the help of network security software.
These are just two of many tools that lie at the belt of the average penetration tester - but how does one protect themselves from attack? The easiest way to prevent a USB Rubber Ducky from making its way onto your machince is to only use USBs that are genuine and trusted - and not to use any USB you happen to find. Protecting yourself from a WiFi Pineapple may be a bit trickier - the best way to avoid attack is to use mobile data where trusted networks are not available.
If you want to learn more about these tools or offensive security in general, feel free to use any of the links provided!