Panel: Black vs. White: The complete life cycle of a real world breach

Presented at DEF CON 16 (2008), Unknown date/time (Unknown duration)

Black vs. White: The complete life cycle of a real world breach combines a unique idea and a real-world case study from a client of ours that details the start of a hack to the identification, forensics, and reversing. We will be discussing some advanced penetration techniques and reversing topics. Starting off, we will be performing a full system compromise from the internet (complete with live demos), installing some undetectable viruses, and having a separate team reverse it, and show you what its doing and how it works. This is the ultimate battle of evil verses good. Additionally, what would a con be without some awesome tool releases? We will be releasing (and demoing) two tools, one a Windows GUI for the windows folks that does everything for SQL injection rooting, minus making you breakfast, one Linux based tool that auto crawls a site and performs blind/error based SQL injection with reverse command shells using various options for payload delivery.

Presenters:

  • David Kennedy / ReL1K - Practice Lead: Profiling & e.Discovery, SecureState   as David Kennedy
    David Kennedy CISSP, GSEC, MCSE 2003, is the practice lead for the profiling and e.Discovery group at SecureState, a Cleveland Ohio based security consulting company. David has been in the security field for over eight years. David has released tools in the past, including the popular python based tool called Fast-Track, included in Back|Track 3. David is also a contributor to the Back|Track suite. David runs a team of highly skilled security individuals that perform penetration tests on large to mid-sized businesses. Some of our clients include top ten banks, fortune 500/1000 companies, and multi-billion dollar organizations. Prior to SecureState, David worked for the National Security Agency (N.S.A.) working in a specialized security group as an active duty Marine. David has developed several systems for the DoD relating to security and are still being used to-date. David has presented at several speaking engagements including the international INFOSEC summit, the international HTCIA, and various other large-scale forums.
  • Andrew Weidenhamer - Staff Security Consultant, SecureState
    Andrew Weidenhamer is SecureState's lead penetration tester and has been involved in security tool development in the community as well as performing large scale penetration efforts on numerous organizations. Andrew first started his security career at Key Bank, handling bank level security. Quickly desiring a more robust and fast-paced environment, Andrew joined SecureState and quickly became their lead penetration tester.
  • John Melvin - Senior Security Consultant, SecureState
    John Melvin CISSP, GSEC, is SecureState's lead forensics investigator and handles all incident response, reverse engineering, and virus development at SecureState. John's mission is to respond and handle breaches to organizations and identify how, when, and why they occurred. Prior to SecureState, John worked for several highly classified programs, specifically pertaining to reverse malware/virus anomaly detection.
  • Scott White - Senior Security Consultant, SecureState
    Scott White is SecureState's lead web application security penetration tester. Scott is heavily involved with the OWASP, running the Cleveland, Ohio OWASP chapter. He has been instrumental in securing web applications for companies all over the country.
  • Ken Stasiak - President & CEO, SecureState
    Ken Stasiak CISSP, CISA, GSEC, CISM, QSA, is the president and CEO of SecureState and has been involved in security for over fourteen years. Ken originally began his security career at Ernst & Young where he had the privilege of working with extremely talented people including Jeff Moss, and the original founders of Foundstone. After E&Y, he moved to Arthur Anderson where he headed up an entire regional security group for the organization. Ken started SecureState a week after September 11th, 2001 to create an elite dedicated security company that was known throughout the world.

Links: