Explore the world of penetration testing in this comprehensive conference talk from BSides Detroit 2016. Gain valuable insights from Calvin Hedler as he shares his expertise on becoming a successful pentester. Learn about essential gear, tools, and strategies for planning ahead and finding vulnerabilities. Discover the importance of maintaining professionalism, avoiding cocky behavior, and prioritizing security over personal enjoyment. Delve into case studies covering reverse brute force attacks, Responder tool usage, physical security challenges, and SQL injection techniques. Understand the significance of constant learning, creative problem-solving, and OPSEC in the field. Acquire knowledge on prerequisite skills, job titles, external tools, Linux proficiency, and the use of Metasploit. Whether you're a beginner or an experienced professional, this talk offers practical advice and real-world examples to enhance your penetration testing skills.
Overview
Syllabus
Introduction
About Me
About This Talk
What Should You Do
Gear
Tools
Plan Ahead
Find the Goods
Dont Get Cocky
Youre Not There to Have Fun
Dont Break Things
Dont Create Insecurity
Dont Get Caught
First Case Study
Reverse Brute Force
Responder
Whats Next
Physical Security
Case Study
Sequel Injection
Next Year
Scope
Dont hash dump
Getting caught
Servers are fragile
Its not just about domain admin
Not just a list of vulnerabilities
Most of what I learned about attacking systems
Always be constantly learning
How can we bypass this
The more the better
If Im understanding
OPSEC
Prerequisite Knowledge
PCI
Job Title
External Tools
Linux
Contact Information
Be Creative
Metasploit
