A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Spanking the Monkey (or how pentesters can do it better!) - Justin Whitehead Chester Bishop Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Spanking the Monkey (or how pentesters can do it better!)
Justin Whitehead Chester Bishop
Derbycon 2015

In today's mainstream penetration testing and Red Team environments we feel that the teams are relying too much on noisy scanners. In part making for a large group of scanner monkeys. This talk is bringing back old school ways with a new flavor, a new flair to prove that those techniques still work in the majority of engagements that many of us are involved in. The problem with many tools is not only how noisy they can be, but also the amount of logic and decision making that goes on under the hood without any human input. We want to show manual testing of a web application in order to: 1. Make a pentester a valuable asset that won't be replaced by a tool. 2. Demystify the idea that scanners are necessary for pentesting. 3. Show how you can become a stealthy attacker.

Justin Whitehead Security and Forensic Analyst at One World Labs in Denver, CO. Justin received his Bachelors of Science in Computer Information Systems with a focus in Computer Forensics. His certifications include: CompTIA Security+, ITIL Foundations, CHFI, CCFI, CEH, CPT and ACE.

@3uckaro0

Back to Derbycon 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast