Speakers‎ > ‎

Adding Simulated Users to Your Pentesting Lab with PowerShell

Adding Simulated Users to Your Pentesting Lab with PowerShell
Pentesting labs tend to have isolated boxes representing specific vulnerabilities. This doesn’t do a great job of mimicking real world networks which have active users and network activity. We created a tool set to introduce simulated users to a lab environment which enables us to accurately model real world corporate networks and allows for additional attack vectors to be explored in a safe setting. During this talk we’ll go over the major functions of the tool and showcase its capabilities with a live demonstration.

Presenters: Chris Myers (@swizzlez_) and Barrett Adams (@peewpw)
Chris is an experienced penetration tester and red teamer who's led a diverse range of red team assessments: from internal networks, to spear-phishing exercises, to web and mobile applications. These assessments have given him exposure in a breadth of industries (pharma, finance, healthcare, technology, etc.) through which he's developed a unique perspective of the current information security landscape. His areas of interest include exploit development, offensive security training and education, and automation and tool development. 

Barrett is also a red teamer and security professional with experience performing a variety of red team assessments. His focus has been on assessing externally facing networks, where he has developed a number of useful automation scripts to search for, consolidate, and organize a company's internet presence. More recently, he has created red team tools such as Invoke-PSImage for stealthy payload delivery and Invoke-WCMDump for dumping Credential Manager passwords.