Going back to our example from the beginning of the chapter, let's see how the topics covered in this chapter apply to the real world. Several Red Team security firms now offer physical and cyber security penetration testing services, acting as if they were a persistent and well-trained threat. Employing their own teams of white-hat hackers, a couple of teams we'd interacted with in the Northeastern US now employ concealed Raspberry Pis as sensors that allow them to scope the environment, find weak spots in the environment, and exfiltrate their targets' data to their C&C servers using stunnel to provide evidence to their sponsors.
In one of the more innovative deployment scenarios, they embedded the Raspberry Pi within the customer's own utility boxes during an electrical inspection at the desks of the target's office staff. These sensors established reverse SSH tunnel-protected access to the Red Team's C&C server, and using some of the tools discussed...