A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Vulnerability Spidey Sense – Demystifying Pen Testing Intuition Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Vulnerability Spidey Sense – Demystifying Pen Testing Intuition
Derbycon 2012

A dedicated attacker does not have time limitations when attempting to find vulnerabilities in a target. As a penetration tester, you are bound by certain restrictions, including scope, attack methods, and time/date restrictions. Because of these restrictions, it’s helpful to prioritize certain targets over others to increase your chances of breaking in. This talk will cover scenarios, which raise red flags for us, why, and how to develop your own sense of intuition.

Dan Crowley / Chris Vinecombe

Daniel Crowley – Daniel (aka “unicornFurnace”) is an Application Security Consultant for Trustwave’s SpiderLabs team. He has been working in the information security industry for over 7 years and has been focused on penetration testing, specifically on Web applications. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel has developed configurable testbeds such as SQLol and XMLmao for training and research regarding specific vulnerabilities. Daniel enjoys climbing large rocks. Daniel is a frequent speaker at conferences including DEFCON, Shmoocon, and SOURCE. Daniel does his own charcuterie.

Chris Vinecombe is an Application Security Analyst for Trustwave’s SpiderLabs team. He has been working in the information security industry for 2 years. He currently focuses on penetration testing, specifically web application security. He is eager to learn ALL the things.

 

Back to Derbycon 2012 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast