< Overview >

This talk is all about how to go beyond automated tools to hunt for vulnerabilities.  I discuss a lot of tips and tricks for use in external security assessments.  This talk was given live at the DC Cyber Warriors Meetup group on 02/09/2015.

< Outline >

  • Overview
  • Testing Methodologies
  • Soft Skills
  • Why Go Beyond Automated Testing
  • Finding Unknown Stuff
  • Vulnerability Exploitation
  • Reporting and Automation
  • Useful Training and Talks

< Slides > Link Here (HTML Version)

< Video >