A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Look Ma, No Exploits! – The Recon-ng Framework - Tim “LaNMaSteR53″ Tomes Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)

Look Ma, No Exploits! – The Recon-ng Framework - Tim “LaNMaSteR53″ Tomes
Derbycon 2013

Description: I’ve been on the conference circuit for the last year preaching the importance of thorough reconnaissance as a part of the penetration testing methodology. I’ve talked about the principles of reconnaissance, how to accomplish it quickly and effectively, and even released a few tools to help along the way. In my latest tool, the Recon-ng framework, the power of reconnaissance has been taken to a new level. In this talk, I am going to discuss and demonstrate the power of the Recon-ng framework by walking attendees through a live reconnaissance scenario which starts with the tester having nothing but the framework, and ends in the tester gaining credentials to the target environment. All without sending a single packet to the target network. Come a skeptic. Leave a believer. Reconnaissance is king.

Bio: Tim Tomes is a Senior Security Consultant, Research Specialist, and Developer for Black Hills Information Security with over 20 years experience in information technology and application development. During a 9-year career as an Officer in the United States Army, Tim spent three years as the Army Red Team Senior Team Leader and was the principle developer and manager of the Army’s first Cyber Defense Training Program (255S). Tim manages multiple open source projects such as the Recon-ng framework, the HoneyBadger Geolocation framework, and PushPin, is a SANS Instructor for SEC542 Web Application Penetration Testing, writes technical articles for PaulDotCom, and frequently presents at Security Conferences such as ShmooCon, DerbyCon, Hack3rCon, and Regional ISSA Conferences.

Back to Derbycon 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast