The goal of this talk is to help educate those who are new or learning penetration testing and hacking techniques. We tend to see the same mindset applied when we speak to those new to pentesting “Scan something with Nessus to find the vulnerability, and then exploit it…Right?”. This is very far from reality when we talk about pentesting or even real world attacks. In this talk we will cover five (5) techniques that we find to be highly effective at establishing an initial foothold into the target network including: phishing, multicast protocol poisoning, SMBrelay attacks, account compromise and web application vulnerabiltiies.

Zack Meyers is a business oriented guy that then became a motivated InfoSec geek after getting started as a continuous monitoring vulnerability analyst. Shortly after, he took an interest in the offensive side of security work and currently works as an Offensive Security Engineer at BreakPoint Labs. Today he is always looking to learn about new techniques and tools that can help him identify his next big vulnerability finding. He is currently a member of Primal Security Blog | Podcast and holds several security certifications including OSCP, CISSP, GWAPT, GPEN, GCIH, etc.

b3armunch

Back to BSides NOVA 2017 video list