Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is somewhat unique, there's a typical path to "winning" that presents itself over and over. Tools exist to help prevent and alert on some of these attacks, but they are expensive, difficult to configure, and cumbersome to maintain. Wouldn't it be great if there were an open-source solution that was just the opposite? Well, here it is: a defense and alerting toolkit built from the perspective of pentesters.
Beau, Brian, and Derek are all Security Analysts and Researchers for Black Hills Information Security. Among other duties, the three provide pentesting for organizations that span the spectrum of retail, financial, and government. When not pentesting, the group works together to create open-source tools to give back to the community.
View slides here: https://www.dropbox.com/s/6zzk6tccpo91s2y/Cred_Defense_Webcast.pptx?dl=0
Blog posts with additional information here:
“The CredDefense Toolkit” – https://www.blackhillsinfosec.com/the-creddefense-toolkit/
“End-Point Log Consolidation with Windows Event Forwarder” – https://www.blackhillsinfosec.com/end-point-log-consolidation-windows-event-forwarder/