Godamitsomuch. How did printing a report from a vuln scanner qualify as a “pen test”? Why are your testers ignoring low and informational findings? In this presentation, John will cover some key components that many penetration tests lack, including why it is important to get caught, why it is important to learn from real attackers and how to gain access to organizations without sending a single exploit, and how to look for other attackers on the network. Additionally, John will show you how to bypass “all powerful” white listing applications that are often touted as an impenetrable defense.

Back to Derbycon 2014 video list