Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there are typical paths to “winning” that present themselves over and over. Tools exist to help prevent and alert on some of these attacks, but they are expensive, difficult to configure, and cumbersome to maintain. Wouldn’t it be great if there were an open-source solution available that was just the opposite of that? Well, here it is! A defense and alerting toolkit from the perspective of pentesters.
Beau, Brian, and Derek are all Security Analysts and Researchers for Black Hills Information Security. Among other duties, the three provide pentesting for organizations that span the spectrum of retail, financial, and government. When not pentesting, the group works together to create open-source tools to give back to the community.
View slides here: https://www.dropbox.com/s/6zzk6tccpo91s2y/Cred_Defense_Webcast.pptx?dl=0
Blog posts with additional information here:
“The CredDefense Toolkit” – https://www.blackhillsinfosec.com/the-creddefense-toolkit/
“End-Point Log Consolidation with Windows Event Forwarder” – https://www.blackhillsinfosec.com/end-point-log-consolidation-windows-event-forwarder/