Network penetration tests can be difficult, particularly at scale. This talk introduces Nepenthes, an open-source tool for network penetration tests. It focuses on external tests with many hosts, particularly in web-heavy networks. Nepenthes can manage network-based scans in parallel, from grabbing SSL information and taking screenshots to nmap scans. It allows for off-hours scans, from anywhere around the world. Scans can be performed from as many hosts as desired, including public clouds. Nepenthes makes it easy for multiple people to collaborate, with easy access to information. A flexible worker system and easy Rails extensibility make Nepenthes easy to modify, as has been done frequently at [employer name redacted in submission]. These features are usually included in future tests to make the experience even better.

This presentation will be a brief tour of the reasons for Nepenthes' existence (the need for a high-capacity scanner that combines data from different tools), its features, a demonstration, and information on how to get, install, and extend Nepenthes. The talk will assume some familiarity with external network penetration tests, but no specific knowledge is strictly necessary. While Nepenthes is the focus, this talk should give additional resources for all netpens, with and without Nepenthes.

Bio: Andy is currently a security consultant with NCC Group. He has years of experience in secure software development, research, protocol design/analysis, and system design/administration. Before NCC Group, Andy worked with groups from Fortune 100 companies to small startups, developing applications and performing tests.
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek