没有合适的资源?快使用搜索试试~ 我知道了~
藏经阁-Protecting-Pentests-Recommendations-For-Performing-More-Secu
需积分: 5 0 下载量 8 浏览量
2023-08-26
15:37:37
上传
评论
收藏 289KB PDF 举报
温馨提示
试读
39页
藏经阁-Protecting-Pentests-Recommendations-For-Performing-More-Secu
资源推荐
资源详情
资源评论
PROTECTING PENTESTS:
RECOMMENDATIONS FOR
PERFORMING MORE SECURE TESTS
July 28, 2017
Wesley McGrew, Ph.D.
Director of Cyber Operations
wesley.mcgrew@hornecyber.com
Purpose:
In light of vulnerable tools, practices, and training
…and hostile network environments:
Comprehensive recommendations for conducting secure offense-
oriented engagements
(penetration tests, red teaming, etc.)
This talk
• Education – Computer Science @ Mississippi State
• Academia
• Helped build cybersecurity program at MSU
• Research
• NSA CAE – Research
• SCADA HMI Vulnerabilities – My Ph.D. dissertation, and more importantly, my
DEF CON 20 talk ☺
• GhostExodus Incident
• Malware attribution/grouping with machine learning
• Education
• Professor – Computer Security, developed course on Reverse Engineering
• NSA CAE – Education, and Cyber Ops
• Private: Freelance > Startup > Acquisition > Growth
• “Director of Cyber Operations” @ HORNE Cyber
My Background – How did I get interested in this?
DEF CON
DC19 & BHUSA 2011: Post-Exploitation Forensics with Metasploit
DC20: SCADA HMI and Microsoft Bob
DC21: Pwn the Pwn Plug
DC22: Instrumenting Point-of-Sale Malware
(and a little extracurricular pineapple hunting)
DC23: I Hunt Penetration Testers
DC24 & BHUSA 2016: Secure Penetration Testing: Flawed Practices
Taught in Training, Books
My Background – How did I get interested in this?
• Penetration testers are…
• …attractive targets
• Level of access
• Information
• Tester
• Client
• …highly vulnerable
• Tools
• Procedures
• Training
Motivation
剩余38页未读,继续阅读
资源评论
weixin_40191861_zj
- 粉丝: 62
- 资源: 1万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功