Matt Fisher is a security consultant at STACKTITAN, with an emphasis on the penetration testing and red team disciplines. Matt is a US Army veteran who spent 14 years working in various roles within the DOD Intelligence Community before being drawn to the field of cyber security. Matt can often be found (or not found) lurking in the dark of enterprise networks (with prior consent of course), searching for paths to domain compromise.
The Lazy Pentester’s Guide to Coasting Through Internals (<– add to your schedule)
It’s been said that nobody wants to work anymore, and pentesters are certainly no exception to this rule. Internal pentests can be hard, time consuming drudgery. Pentesters may spend hours scanning hosts, looking for open ports and exploitable services only to find themselves with little time left to exploit anything, and a lack of focus on where to begin.
What if there was a better more efficient way? What if there was an 80% solution that will have you traipsing around the network with elevated privileges and creds in hand requiring a fraction of the time and effort using tools you’re already using?
In this talk we’ll cover multiple proven methods for obtaining creds, gaining footholds, and just generally wrecking up the place that are quick, relatively painless, and will leave you owning a client’s network fast.