Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets.
Download slides: http://www.activecountermeasures.com/presentations/
In this one-hour BHIS podcast (recorded live as a webcast on 4/16/19), we will begin by examining some commonly overlooked methods to discover external resources. Next, we will show how to discover employees of a target organization and quickly locate their social media accounts. Finally, we will strategically identify and weaponize personal information about the employees to target the organization directly using new attack techniques.
You will learn an external defense evasion method, a new process to gain credentialed access, and get a demo on a newly released tool — FireProx!
While the approach is designed to assist offensive security professionals, the webcast will be informative for technical and non-technical audiences; demonstrating the importance of security-awareness for everyone