7MS #335: Cool Stuff I Just Learned From Red Teamers


Manage episode 220735957 series 1288763
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Today I'm excited to brain-dump a bunch of cool stuff I learned at a red team conference called ArcticCon this week. Although this conference observes the Chatham house rule I'm just going to talk about a few things from a general, high level. Specifically, I asked several heavy-hitting red teams these burning questions:

  • When you red team an org, do you usually assume compromise (i.e. plug a Kali box into the network and go from there) or are you crafting email payloads from scratch, trying to get a reverse shell past various email/firewall filtering efforts?

  • Does your management seem to "get it" when it comes to the true value of having a red team? Or do they put limits on your efforts - like "Wait a sec, don't phish my boss!" Or "OMG hold on, don't pwn those systems!"

365 episodes available. A new episode about every 6 days averaging 35 mins duration .