Loading…
Simple
Expanded
Grid
By Venue
offense [clear filter]
Friday, May 3
 

11:00am CDT

UNIX: the Other White Meat
As the targets in many penetration tests and red team activities as well as being the focus of much of the active research being performed in the InfoSec arena, Windows takes center stage. However, we are not going to be talking about Windows; we are here to discuss Unix (and Unix like OSes). While these systems can and do contain some of the most critical information on many networks, we feel they do not get enough time in the spotlight. So, if you want to learn a bit more about Unix and what you can do to/with it as a pentester, then please stop by and have a listen.
Speakers
avatar for David Boyd

David Boyd

Senior Security Consultant, TrustedSec
David Boyd (@fir3d0g) is a Senior Security Consultant with TrustedSec. He is a Christian, husband, and father that also enjoys geek culture, has an affinity for video games, and an appreciation of Mountain Dew. He has worked in several environments including education, military, retail... Read More →
avatar for Adam Compton

Adam Compton

Principal Security Consultant, TrustedSec
Adam Compton has been a programmer, researcher, instructor, professional pentester, father, husband, and farmer. Adam has over 2 decades of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam's career, he has worked... Read More →

Friday May 3, 2019 11:00am - 12:00pm CDT
KEC 17 Market Square Suite 101, Knoxville, TN 37902, United States
  offense

4:00pm CDT

Exploit development for penetration testers
Where is the line between misconfiguration and vulnerability? Red team attacks generally succeed by exploiting well-worn paths, as the resources required to discover new zero-days tend to be more fruitfully spent elsewhere. But does this mean that red team coders don't get to write any interesting new exploits? Far from it!

In this talk, we will walk you through the process of developing a novel file format exploit and using it to root a public cloud service during a 2018 red team. This research, which the authors first presented at Derbycon 8.0, will be accompanied for the first time by the release of a new open source tool.
Speakers
avatar for Adam Reiser

Adam Reiser

Security engineer, Cisco ASIG
Adam is a security engineer with Cisco's Advanced Security Initiatives Group. His work includes pentesting, redteaming, and exploit research. He cultivated an early interest in infosec as a sysadmin at the Open Computing Facility at UC Berkeley, while there completing his physics... Read More →

exploit dev for pentesters pptx
Friday May 3, 2019 4:00pm - 5:00pm CDT
KEC 17 Market Square Suite 101, Knoxville, TN 37902, United States
  offense
 
Filter sessions
Apply filters to sessions.
Friday, May 3
KEC
Oodles Uncorked
Preservation Pub
Scruffy City Hall
  • culture
  • defense
  • offense
  • research
  • reverse engineering
  • storytelling
  • Popular