Morphing to Legitimate Behavior Attack Patterns

Presented at Wild West Hackin' Fest 2017, Oct. 27, 2017, 9 a.m. (45 minutes).

Let's face it, the industry is getting better at detection. Not everyone, but it's getting there. Companies are focusing on getting logs from their endpoints and looking for abnormal patterns of behavior. As attackers, our tactics have been shifting over time to become more compliant with standard protocols and behavior. This has implications on how we test, length of engagements, and the level of effort to attack. It’s not as easy as it once was (with many exceptions), but as defense grows, our capabilities as attackers have to grow as well. This talk will dive into what I'm seeing out there as far as detection capabilities, and how to get around them. Let’s take a dive into multiple detection and preventive capabilities and how to circumvent them without getting detected. As the offense, we can't rely on hoping for multicast to DA every time. The times are changing, our skills need to match that appropriately.

Presenters:

  • David Kennedy / ReL1K - TrustedSec (as Dave Kennedy)
    David Kennedy is the founder of TrustedSec, Binary Defense Systems, and DerbyCon. TrustedSec and Binary Defense are focused on the betterment of the security industry from an offensive and a defensive perspective. David also serves on the board of directors for the ISC2 organization. David was the former CSO for Diebold Incorporated, where he ran the entire INFOSEC program. David is a co-author of the book "Metasploit: The Penetration Tester's Guide" and the creator of the Social-Engineer Toolkit (SET), Artillery, Unicorn, PenTesters Framework (PTF), and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. David has also helped on the Mr. Robot TV show on hacker techniques. David is the co-host of the social-engineer podcast and appears on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES), a framework designed to fix the penetration testing industry. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence-related missions.
