Loading…
BSidesSF 2018 has ended
View analytic
Monday, April 16 • 11:00am - 6:00pm
Modern Red Team Immersion Bootcamp, Condensed FULL

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Limited Capacity full
Adding this to your schedule will put you on the waitlist.

The Modern Red Team Immersion Bootcamp is designed to expose students to the types of attacks that long term persistent Red Teams have deployed against modern organizations. This is a condensed version of a two day course. In this workshop we will focus on post exploitation, lateral movement, and escalation techniques within modern environments comprised of OSX, Linux, Continuous Integration Systems, and elastic compute services.

Requirements: Some familiarity with basic penetration testing concepts will be helpful, but is not absolutely required. Proficiency using a command line and search engine in conjunction to solve problems is highly recommended to enjoy the class. Access to both an OSX and Linux laptop or virtual machine with internet connection is required to access labs and complete course content. The recommended setup is an OSX laptop with a Kali or Ubuntu Virtual Machine. If you are unable to meet this requirement you can still take and enjoy the class but please be advised that approximately 20% of the course’s hands-on lab content will require a Mac OS system. It is advised to have VMWare Fusion or VMWare Workstation installed in advance.

Outline: 
  • Perimeter Breach
    • Public Credential Reuse Tricks
    • Targeted Social Engineering and Spear Phishing
    • Social / Physical
    • Malware Considerations
  • Escalation
    • Post Exploitation 101
    • Userland Password Stealing Techniques
    • Application Secret Stealing Techniques
    • 2FA Bypass Techniques
    • AWS Post Exploitation
  • Lateral Movement
    • Lateral Movement Path Visualization
    • Credential Harvesting Techniques
    • Piggybacking Users to Bypass 2FA
    • Tunneling and Proxying
    • Continuous Dis-integration Techniques
  • Persistence
    • Live Fire Persistence


Presenters
JS

Josh Schwartz

Director of Offensive Engineering, Oath
FuzzyNop is a computer that knows how to computer.


Monday April 16, 2018 11:00am - 6:00pm
City View - Twin Peaks