Presented at
DerbyCon 7.0 Legacy (2017),
Sept. 23, 2017, 4 p.m.
(50 minutes).
"Imagine starting your pentest with a shell. Better yet, a shell with privileges. Skip the web app. Forget bruteforcing. Hackers often take the path of least resistance, and so should you. Not a pentester? You can still do this, and defend your infrastructure.
Full-Contact Recon will guide the audience through practical information looting from public sources like Travis-CI, GitHub, Data.com, and popular social platforms (LinkedIn, Twitter, etc). We will also release three tools to streamline the process. Coupled with experiences from actual red team operations; we will show you several ways to make your first connection a privileged shell."
int0x80 - int0x80 is the rapper in Dual Core. savant - savant is not in the sudoers file. This incident will be reported.
int0x80 - @dualcoremusic
savant - @savant42
Presenters:
Links: