This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. This talk is an updated version of last year’s talk from Scott and Karl. This talk includes real-world examples of attacks that they use on a daily basis, and some reflections on what techniques have changed over the last year. Vulnerabilities related to the application, network, and server layers will all be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks.
- Learn the most effective attacks in use today.
- Defend your network against common attacks.
- Learn useful attacks for all the layers.
About Karl Fosaaen
Karl Fosaaen is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care and hardware manufacturing. Fossaaen specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at ThotCon and a swag goon at DefCon.
About Scott Sutherland
Scott Sutherland is a security consultant responsible for the development and execution of penetration test services at NetSPI. His role includes researching and developing tools, techniques and methodologies used during network and application penetration tests. As an active participant in the information security community, Sutherland performs security research in his free time and contributes technical security blog posts, presentations and tools on a regular basis through NetSPI. You can find him blogging on the NetSPI website and on Twitter.