Overview
Explore a year in the life of a penetration tester through this engaging conference talk from DerbyCon 4. Delve into various security testing scenarios, including phishing attempts, physical penetration tests, and open pentests. Learn about the creation of phishing sites and emails, the challenges faced during failed phishing attempts, and the intricacies of multiple physical penetration tests across different locations. Gain insights into scenario-based testing and discover a new tool release called eLDAPper. This comprehensive review covers diverse aspects of cybersecurity testing, from mainframes to mopeds, offering valuable lessons and experiences for security professionals and enthusiasts alike.
Syllabus
Intro
Disclaimer
This Year
This directory had
Why Canada?
Create phishing site
Create phishing Email
Who's the email from?
Upon installation
Testing Dropper
First phish
ITS Response
Second phish
What did I learn from failed phishing
Quick Side Note
Physical Penetration Test - 2 locations
Another Physical Pen
One more physical
Open Pentest
Scenario based
Tool Release
eLDAPper Dan Detail