Penetration Testing - The Other Stuff

Explore essential tools and techniques for effective penetration testing in this 53-minute LASCON conference talk. Learn how to organize and manage your work before, during, and after an engagement, covering topics such as scope creep, environment setup, terminal usage, file naming conventions, data collection methods, screen capture techniques, and reporting strategies. Discover valuable insights on handling default passwords, simplex locks, and clue gathering, while also examining the balance between art and science in penetration testing. Gain practical knowledge on disaster recovery and cultivating the right attitudes for success in the field of information security and beyond.

Intro
The Presentation
Scope Creep
Environment
Terminals
File Naming
Data Collecting
Screen Captures
Output Options
Reporting
Grappling hooks
Default passwords
Simplex locks
Clues
Ninja vs Pirate
Art vs Science
Recap
Disaster Recovery
Attitudes