We want to make sure you always have access to the information being provided by Red Siege. Below, you have a brief description and a link to download the slides for use during and after any instructional discussions.
There are lots of us who want to know more but are either overwhelmed by the idea that buffer overflows are beyond their capabilities or just don’t know where to get started. This is a 101-level talk; Mike Saunders talks about how a buffer overflow works, how to fuzz an app to identify an overflow opportunity, and how to create a simple overflow that will result in a compromise of a target system. By the end, you will have the information and resources needed to write your first overflow.
Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, he discusses defenses for these various attacks.
As a continuation of “ASSUMED BREACH PART I” with Tim Medin, we will be taking an even deeper and more critical look at today’s current penetration test standard. The current model for penetration testing is broken. The typical scan and exploit model doesn’t reflect how real attackers operate after establishing a foothold. At the same time, most organizations aren’t mature enough to need a proper red team assessment. It’s time to start adopting the assumed breach model. In this talk, Mike will discuss techniques for assumed breach assessments that provide a better model for emulating the techniques attackers use once they’ve established a foothold inside a typical network.
Traditional penetration testing often concedes internal access to the tester, but then the tester does a lot of scanning and poking around. This is not representative of most breaches. Most breaches start with a phish, and the adversary effectively starts with access as one of your users on one of your systems. Are you prepared to defend? In this talk, Tim Medin will discuss the shortcomings of the traditional penetration test, and talk you through ways to deliver (and receive) a higher value penetration test.
Want to be more offensive in the office? Many defenders want to try their hand at offense. The trick is, they can and they should! You can do bits of pen testing in your defensive role and management will likely thank you for it. In this talk, Tim Medin will discuss how he used his defensive role to pivot into offense. Even if you don’t want to leave defense (because defense is fun too) you might want to spend some time looking at the other side.
Corey Overstreet talks intelligence gathering made easy. Ever wonder how attackers gather information on a target organization? Knowing where to look can uncover a wealth of information leading to a successful phish or first foothold. In this talk, we will cover different intelligence gathering techniques targeting an organization’s external services and staff all while leaving little to no trace of our actions.
Tim Medin and Mike Saunders show you tools and techniques to find vulnerabilities and demonstrate risk, without using Domain Administrator access. Domain Admin access is the goal for many penetration tests and red teams, but it is misguided. Domain Admin is a tool, not a destination. Sometimes, a penetration tester or red team will be unable to obtain this access, but it does not mean that the test is without value.
Tim Medin discusses the dumbest red team tricks and hacks encountered over the years. We are going to take the A out of APT, because so few attackers really need to use advanced techniques. You often don’t have to do advanced attacks to have significant impact. This is an updated version of the original talk with new stories and examples.
There are many common offensive techniques that can be easily thwarted. While much of the defensive focus is on prevention, detection is often overlooked. We can’t keep the bad guys out forever, but we can shorten detection time with simple tricks. The sooner you find the bad guys, the sooner you can kick them out.
Getting started with testing web apps can be a daunting task. “Ooh, shiny!” rabbit holes are just around the corner with every click. Without a good plan and a road map, it can be very easy to get lost in these holes and run out of time before reaching your goal. This talk covers how to identify the goal and set up a plan that will help you avoid the rabbit holes, identify the points you should focus on, and ultimately help you become an effective application tester.
On pen tests and red team engagements, there are a number of Active Directory misconfigurations we see way more often than we should. In this presentation Tim discusses common improper configurations, how to detect them and how to attack them. The presentation includes scenarios similar to his recent offensive engagements bringing a practical spin to this presentation.
Blue of being blue? Want to be more offensive in the office? Many defenders want to try their hand at offense. The trick is, they can! You can do bits of pen testing in your defensive role and management will likely thank you for it. In this presentation, Tim discusses how he used his defensive role to pivot into offense. Even if you don’t want to leave defense (because defense is fun too) you might want to spend some time looking at the other side.
Tim and Mike show you tools and techniques to find vulnerabilities and demonstrate risk, without using Domain Administrator (DA) access. DA access is the goal for many penetration tests and red teams, but it is misguided. DA is a tool, not a destination. Sometimes, a penetration tester or red team will be unable to obtain this access, but it does not mean that the test is without value.
Windows Management Instrumentation (WMI) is the infrastructure for management data and operations on Windows-based operating systems. That couldn’t sound more boring. WMI is great for monitoring, but it is also fantastic for offense. WMI can be used for lateral movement. It can also be used for file-less persistence. In this webcast, Tim Medin will discuss the fun that is WMI and how you can use it to have a more effective offense.
The current model for penetration testing is broken. The typical scan and exploit model doesn’t reflect how real attackers operate after establishing a foothold. At the same time, most organizations aren’t mature enough to need a proper red team assessment. It’s time to start adopting the assumed breach model. In this talk, Mike discusses techniques for assumed breach assessments that provide a better model for emulating the techniques attackers use once they’ve established a foothold inside a typical network.
Security teams should operate under the assumption that the question is not whether a breach will happen, but when. The fresh twist on penetration testing puts an attacker (good guy/gal) on your systems running under the context of an authorized user. The goal is to simulate a compromised system or a rogue trusted insider. The goals of the test should be focused on the business risk and how insecurities, vulnerabilities, and misconfigurations can impact the data and processes vital to the organization. Goals are business focused, not domain admin focused.
Simple fixes can make attackers’ lives much more difficult. Many defenses can be incorrectly focused. In this presentation, Tim Medin discusses simple defenses that can make the attacker’s life harder and make it easier for defenders to stop and detect attackers.
We all want to be better at what we do. We all want to focus on things in our careers that are the most fun. Unfortunately, we often prioritize useless activities over the fun or important ones. We want more time to hack, more time to learn, and more time for family and friends, but we only have so many hours per day. In this talk you will learn how to be more efficient, and save time for both yourself and those around you. Hack your head and schedule to a more productive, efficient, and fun life.
Small organizations don’t have the budget for big security tools. These small orgs often think they won’t be the target of attacks because “why me?” Realistically, if you have money (or perceived access to money) you are a valuable target. In this talk, Tim discusses simple defenses that even small organizations can implement to increase their security posture.
Meteor is a game-changing framework for rapid software development and is the top-rated web framework on GitHub. Meteor offers a number of benefits including offering real-time applications by default. With its great benefits, we are likely to see more Meteor applications…
…And you should know how to hack it!