CredDefense Toolkit

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 3 p.m. (50 minutes)

Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there a typical paths to "winning" that present themselves over and over. Expensive, difficult to configure, and cumbersome to maintain tools exist to help prevent and alert on some of these attacks. Wouldn't it be great if there was a open-source solution available that was just the opposite of that? Well here it is! A defense and alerting toolkit from the perspective of pentesters. Beau, Brian, and Derek are all Security Analysts and Researchers for Black Hills Information Security. Among other duties, the three provide pentesting for organizations that span the spectrum of retail, financial, and government. When not pentesting, the group works together to create open-source tools to give back to the community. beau - @dafthack brian - @fullmetalcache derek - @0xderuke