A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Living off the land: enterprise post-exploitation - Adam Reiser Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Living off the land: enterprise post-exploitation
Adam Reiser
Derbycon 2018

You've compromised that initial server and gained a foothold in the target network: congratulations! But wait - the shadow file has no hashes but root, the ssh keys have strong passphrases, and all the interesting traffic is encrypted - there's nothing of value here! Or is there? In this talk, I will explore post-exploitation techniques for turning your compromised bastion hosts into active credential interceptors under a variety of blue team monitoring scenarios.

Adam Reiser is a security researcher with Cisco's Advanced Security Initiatives Group. His work includes red team engagements and hunting for zero days. He cultivated an early interest in information security as a sysadmin at the Open Computing Facility at UC Berkeley, while there completing his physics degree. His other interests include acroyoga and riparian restoration.

N/A

Back to Derbycon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast