Full-Contact Recon

DerbyCon 7.0 - Legacy

Presented by: savant, int0x80
Date: Saturday September 23, 2017
Time: 16:00 - 16:50
Location: Track 1 - Break Me

Imagine starting your pentest with a shell. Better yet, a shell with privileges. Skip the web app. Forget bruteforcing. Hackers often take the path of least resistance, and so should you. Not a pentester? You can still do this, and defend your infrastructure.

Full-Contact Recon will guide the audience through practical information looting from public sources like Travis-CI, GitHub, Data.com, and popular social platforms (LinkedIn, Twitter, etc). We will also release three tools to streamline the process. Coupled with experiences from actual red team operations; we will show you several ways to make your first connection a privileged shell.

int0x80

int0x80 - int0x80 is the rapper in Dual Core. int0x80 - @dualcoremusic

savant

savant - savant is not in the sudoers file. This incident will be reported. savant - @savant42


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats