So you got into a network, but now what? You might be swimming in a corporate environment full of thousands of systems and users. If you're in a goal-oriented penetration testing scenario, it's important to quickly and efficiently find the crown jewels. In this presentation we will present post-exploitation strategies and techniques for finding the interesting bits in a big network. We will be releasing several tools and describing practical data collection and analysis techniques for converting a compromise into success criteria.

Josh Stone and Patrick Fussell are penetration testers with PSC, working primarily in the PCI compliance space. Between the two of them, there's over 15 years of penetration testing experience, and they get to work with some of the world's largest service providers and merchants.

Recorded at NolaCon 2016