Collaborative Penetration Testing With Lair

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 27, 2013, 7 p.m. (50 minutes).

Lair is an open-source project developed for and by penetration testers. Built on Meteor and Node.js with a dash of Python, Lair is a web application that normalizes, centralizes, and manages diverse test data from a number of common tools. With this, users can get deal with data from these tools quickly, allowing them to focus on manual testing. Unlike existing alternatives, Lair encourages team-based collaboration by automatically pushing updates to team members in real time. Paired with it’s workflow and documentation management, Lair offers a single solution for performing a detailed, thorough penetration test individually or as a team in a manner that has not been done before.


Presenters:

  • Tom Steele
    Tom Steele hails from Seattle Washington where he works as a Security Consultant at FishNet Security. The dynamic nature of his current role allows him to touch many areas of the offensive security spectrum. When not working he can be found gaming and creating tools to solve complex problems.
  • Dan Kottmann
    Dan Kottmann has been in the security field for over 5 years. Currently he is a Security Consultant at FishNet Security.

Similar Presentations: