Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Penetration Testing [clear filter]
Friday, May 5


OSINT For the Win: Integrating with Social Engineering for Better Pen Testing
Social engineering attacks remain the most effective way to gain a foothold in a targeted organization. But those attacks are only as good as the information used to create them. This presentation will arm you with the latest open-source intelligence (OSINT) tools and techniques needed for gathering detailed information on your targets, turning your social engineering ops into carefully targeted precision strikes that can greatly improve your results. We'll also cover steps that you can take to reduce your own OSINT exposure, protecting you and your organization. You'll see techniques for phishing, vishing, pretexting, impersonation, and more. Tool demonstrations will include how to make the best use of OSINT Websites and standalone tools such as Social Engineer Toolkit and recon-ng.

avatar for Joe Gray

Joe Gray

Senior Security Architect, IBM
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys... Read More →

Friday May 5, 2017 10:00am - 11:00am
Preservation Pub 28 Market Square, Knoxville, TN 37902


Hillbilly Storytime - Pentest Fails
Whether or not you are just starting in InfoSec, it is always important to remember that mistakes happen, even to the best and most seasoned of analysts. The key is to learn from your mistakes and keep going. So, if you have a few minutes and want to talk a load off for a bit, come and join in as a hillbilly spins a yarn about a group unfortunate pentesters and their misadventures. All stores and events are true (but the names have been be changed to prevent embarrassment).


Adam Compton

Adam Compton has been a programmer, researcher, professional pentester, father, husband, and farmer. Adam has over 17 years of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam's career, he has worked for both... Read More →

Friday May 5, 2017 2:00pm - 3:00pm
Scruffy City Hall 32 Market Square, Knoxville, TN 37902


Weaponizing Splunk: Using Blue Team Tools for Evil
Splunk is a log aggregation and correlation tool that is normally used for defensive analysis and infrastructure management. What if Attackers could use this same tool against the blue team? Companies deploy security products with no real purpose other than checking a box. While these tools can be used for good they can also turn against the organization and become their worst nightmare. During this presentation, I will discuss creative uses of Splunk that penetration testers and red teamers can use to gain more access and move laterally within an organization.

avatar for Ryan Hays

Ryan Hays

Director of Security Engineering, TBG Security
Ryan is the Director of Security Engineering at TBG Security. With 15 years of experience in the IT field, he has worked in a variety of capacities, currently specializing in offensive security and threat emulation techniques. During his career, he has worked with a multitude of Fortune... Read More →

Friday May 5, 2017 3:00pm - 4:00pm
Scruffy City Hall 32 Market Square, Knoxville, TN 37902