<HTML><head>
<meta name="robots" content="noindex" />
</head>
<BODY link="#008000" vlink="#002000">

<left><title>Vulnerability Spidey Sense – Demystifying Pen Testing Intuition Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos) </title>
<CENTER>
<font size="6"><b>Vulnerability Spidey Sense – Demystifying Pen Testing 
Intuition</b></font><b><font size="6"><br>
Derbycon 2012</font><font size="4"> </font></b>
<p>A dedicated attacker does not have time limitations when attempting to find 
vulnerabilities in a target. As a penetration tester, you are bound by certain 
restrictions, including scope, attack methods, and time/date restrictions. 
Because of these restrictions, it’s helpful to prioritize certain targets over 
others to increase your chances of breaking in. This talk will cover scenarios, 
which raise red flags for us, why, and how to develop your own sense of 
intuition.</p>
<p>Dan Crowley / Chris Vinecombe</p>
<p>Daniel Crowley – Daniel (aka “unicornFurnace”) is an Application Security 
Consultant for Trustwave’s SpiderLabs team. He has been working in the 
information security industry for over 7 years and has been focused on 
penetration testing, specifically on Web applications. Daniel denies all 
allegations regarding unicorn smuggling and questions your character for even 
suggesting it. Daniel has developed configurable testbeds such as SQLol and 
XMLmao for training and research regarding specific vulnerabilities. Daniel 
enjoys climbing large rocks. Daniel is a frequent speaker at conferences 
including DEFCON, Shmoocon, and SOURCE. Daniel does his own charcuterie.<br>
<br>
Chris Vinecombe is an Application Security Analyst for Trustwave’s SpiderLabs 
team. He has been working in the information security industry for 2 years. He 
currently focuses on penetration testing, specifically web application security. 
He is eager to learn ALL the things.<br>
<br>
&nbsp;</p>
<p><iframe width="853" height="480" src="http://www.youtube.com/embed/f5C6-zzerZ8" frameborder="0" allowfullscreen></iframe></p>

<p><a href="http://www.irongeek.com/i.php?page=videos/derbycon2/mainlist">Back to Derbycon 2012 video list</a></p>
</CENTER></left><!-- Begin Adsense Code -->
<center>
<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- Bigger Box -->
<ins class="adsbygoogle"
     style="display:inline-block;width:336px;height:280px"
     data-ad-client="ca-pub-3256770407637090"
     data-ad-slot="9758277793"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</center>
<!-- End Adsense Code -->
<script type="text/javascript">
function killclippy()
{
var exdate=new Date();
exdate.setDate(exdate.getDate() + 150);
var c_value=escape(true) + "; expires="+exdate.toUTCString();
document.cookie="killclippycookie=" + c_value;
document.getElementById('clippy').style.visibility = 'hidden';
}
</script>
<!-- analytics -->
<script type="text/javascript">

  var _gaq = _gaq || [];
  var pluginUrl ='//www.google-analytics.com/plugins/ga/inpage_linkid.js';
  _gaq.push(['_require', 'inpage_linkid', pluginUrl]);
  _gaq.push(['_setAccount', 'UA-186935-2']);
  _gaq.push(['_setDomainName', 'irongeek.com']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();

</script>
<!-- analytics -->
<P align=center><B>If you would like to republish one of the articles from this site on your webpage or print journal please contact <A href="i.php?page=contact"><font color="#FFFFFF">IronGeek</font></A>.</B></P>
<P> 
<P align=center>Copyright 2020, IronGeek</FONT></BODY></HTML>