Presented at
DerbyCon 6.0 Recharge (2016),
Sept. 25, 2016, 11 a.m.
(50 minutes).
An Advanced Persistent Pentester is always willing to go the extra mile, working smarter, and harder to achieve success. An Advanced Persistent Pentester is always willing to go off script, creatively inventing new concepts, new tools, and techniques to get the job done. We all use automated tools and techniques to construct advanced malware which allows for expeditious entry, escalation, persistence and post exploitation during engagements. What happens when the standard tools, and techniques are just not good enough?
This talk will examine several different escalation, lateral movement, and post exploitation case studies talking about the various creative approaches in solving problems along the way, capturing the flag(s), and pushing to the extremes of threat modeling the real world information security environment. It was reported that in 2015 it took an average of 146 days to detect an attacker. How can successfully mimic the impact of having that much time to pillage a network in less than a week?
Presenters:
Similar Presentations: