Overview
Explore real-world pentesting failures and lessons learned in this 56-minute conference talk from BSides Nashville 2018. Dive into Adam Compton's "Hillbilly Storytime: Pentest Fails" as he shares personal experiences and industry anecdotes. Discover the importance of embracing failure in cybersecurity, covering topics such as external engagements, web camera vulnerabilities, physical assessments, and one-day web application assessments. Learn valuable takeaways on mistake management, client interactions, and unexpected security weaknesses. Gain insights into common pitfalls like missed UDP ports, exploiting janitorial staff access, and the consequences of poor user awareness training.
Syllabus
Intro
Who am I
The concept of failure
Adam's story
External engagement
Web cameras
Physical assessment
One-day webapp assessments
Takeaways
Making mistakes
Questions
Pentest Firms
Missed UDP Port
Using janitorial staff
Poor user awareness training