All I wanted to do was get my hands on The Hacker Playbook to better my game. Of course, searching took forever, and after going through endless links, I finally came across a site which looked like a legitimate source. 

Well, boy was I wrong!

I downloaded from their link and instead of the actual PDF, they threw at me a "Are you really not a robot?" captcha. Nothing new in there and after checking the "I'm not a robot" checkbox, things turned bizarre. A window came up requesting that I enter some PowerShell command into my terminal in order to verify my "humanity."

Of course, as any seasoned security student will tell you, if a website asks for running something inside a terminal, there should be a red flag. Instead of doing so, out of curiosity, I checked the code.

The code, while being a total mess, showed me quite clearly what these guys were trying to do…