Bsides Philly 2016: Finding A Company’s BreakPoint
Posted on February 15th, 2017
BSides Philly is an information security conference that’s a volunteer organized event, hosted by and for the community, with a goal of advancing knowledge among security engineers. The conference was held on December 2nd and 3rd 2016 at the Drexel University Creese Student Lounge.
Finding A Company’s BreakPoint
The goal of this talk is to help educate those who are new or learning penetration testing and hacking techniques. We tend to see the same mindset applied when we speak to those new to pentesting “Scan something with Nessus to find the vulnerability, and then exploit it…Right?”. This is very far from reality when we talk about pentesting or even real world attacks. In this talk we will cover five (5) techniques that we find to be highly effective at establishing an initial foothold into the target network including: phishing, multicast protocol poisoning, SMBrelay attacks, account compromise and web application vulnerabilities.