Penetration testing is an art and a science. It takes the knowledge of networks/applications/all things computing as well as critical thinking and an understanding of human behavior to become a truly great tester. The tools and processes to carry out the trade have evolved significantly in the past few years with the explosion of offensive PowerShell, lowering the barrier to entry for the execution of advanced offensive tactics. If attackers are using these tools to break into networks, why shouldn’t defenders use the same to make their environments more secure? A popular question from system administrators to CISOs is: What can I do to learn this “stuff”? While penetration testing takes years of experience to master, defenders can use recent tool advancements to plug many of the common holes offensive teams take advantage of. This talk will highlight 10 key areas blue teams can regularly audit using offensive toolsets without needing a red team background. From quickly triaging open files shares, to examining domain trusts, to easily testing border egress, these red teams tools and tactics can help blue teams better secure the networks they defend.

Back to BSides Augusta 2015 video list