Do you trust your text editor? Have you ever considered the offensive capabilities of vim? Countless Linux/Unix users log into machines every day and run “vim $FILENAME”. However, few are aware of the hidden capabilities that vim can provide the offensive security community. Given the plethora of plugins, subsystems and user-defined functions Vim natively provides unique value for red team engagements. Weapons of Text Destruction highlights the capabilities of the leveraging Vim for performing unconventional red-team activities.
Jared Stroud is a Hack Fortress Judge, Collegiate Competition Red Teamer and SPARSA alumni. As a day job Jared is a Security Engineer for MITRE, a non-profit federally funded research and development center.