The Dirty Little Secrets They Didn't Teach You In Pentesting Class

Explore the hidden aspects of penetration testing not typically covered in standard courses through this conference talk by Chris Gates and Rob Fuller. Delve into advanced techniques for achieving domain admin status, setting realistic pentesting goals, and executing actual attack scenarios. Learn about essential prep work, password strategies, and effective use of tools like Nmap scripts and Metasploit auxiliary modules. Discover post-exploitation tactics, including optimal persistence methods, alternative command execution techniques, and network reconnaissance. Gain insights into creating zombies, searching for valuable information, and handling scenarios where traditional methods fall short. Enhance your pentesting skills with practical demonstrations and expert knowledge shared in this comprehensive presentation.

Intro
The setup...
Domain Admin Or Bust
Pentesting Goals
Is it working?
Actual Attack Scenarios (best case)
Prep Work
Quick Tangent → Passwords
Nmap Scripts
MSF Auxiliary Modules
Post Exploitation Google Docs
What is the best persistence method?
Hooking your homies up
What if CMD.exe is disabled?
But... dropping binaries == bad
Route
TCP Table
NetDiscovery
Domain Discovery
DisplaySessions
Creating Zombies
DEMO
Searching for Gold (Good)
Searching for Gold (Better)
These won't show up there...