MetaSploit is a powerful and comprehensive framework for manipulating machines, and is well positioned to do more than just play offense. This talk will spend some time with the effectiveness of modern attack methods and traditional/mainstream defense, and then discuss leveraging MSF for investigations and incident response. The remainder of the presentation will review the development and capabilities of CounterSploit, a set of defensive live-response utilities implemented within the MetaSploit Framework.
John is an InfoSec engineer who tries to help companies make their environments less bad. He has experience with successes and failures in enterprise networks, and recently had the opportunity to participate in some R&D as part of Cyber Fast Track.