Collaborative Penetration Testing With Lair

DEF CON 21

Presented by: Dan Kottmann, Tom Steele
Date: Sunday August 04, 2013
Time: 14:30 - 14:50
Location: Track 2
Track: Track 2

Lair is an open-source project developed for and by pentesters. Built on Meteor and Node.js with a dash of Python, Lair is a web application that normalizes, centralizes, and manages diverse test data from a number of common tools including Nmap, Nessus, Nexpose, and Burp. Unlike existing alternatives, Lair encourages team-based collaboration by automatically pushing updates to team members in real time. Paired with it's workflow and documentation management, Lair offers a single solution for performing a detailed, thorough penetration test individually or as a team in a manner that has not been done before.

Tom Steele

Tom Steele (@_tomsteele) hails from Seattle Washington where he works as a Security Consultant at FishNet Security. The dynamic nature of his current role allows him to touch many areas of the offensive security spectrum. When not working he can be found gaming and creating tools to solve complex problems.

Dan Kottmann

Dan Kottmann As a consultant in FishNet Security's security assessment practice, Dan performs social engineering and network and wireless penetration tests. Dan has roughly nine years of consulting experience and five years of professional experience in the security industry.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats