Webcast: Pentester Tactics, Techniques, and Procedures TTPs w/ Chris Traynor

Penetration Testing is often considered a dark art that’s shrouded in mystery. This unfortunate perception can hold back organizations from being more secure and keep people from an exciting career.

In this Black Hills Information Security (BHIS) webcast, join Chris Traynor (@cstraynor) as he shares the tactics, techniques, and procedures (TTPs) for a Pentester.

Chat with your fellow attendees in the Infosec Knowledge Sharing Discord server here: https://discord.gg/fr5wqbF — in the #webcast-live-chat channel.

/// Chapters 00:00 – Pentester Tactics, Techniques, and Procedures (TTPs) with Chris Traynor

00:21 – Whoami

00:56 – Agenda

02:36 – Baseline Terminology

08:12 – Reconnaissance — Tactic/Intended Effect

09:15 – Nmap — Tool/Mechanism

11:14 – Nmap — Execution

14:36 – Recon-ng – Tool/Mechanism

19:57 – Recon-ng — Execution

22:34 – Recon-ng — Cheatsheet

25:13 – Account Enumeration — Tactic/Intended Effect

26:10 – Burp Repeater — Tool/Mechanism

27:01 – Burp Repeater — Execution

33:51 – Password Spraying — Tactic/Intended Effect

39:15 – Burp Intruder — Tool/Mechanism

40:15 – Burp Intruder — Execution

44:17 – smb_login Module — Tool/Mechanism

45:51 – smb_login Module — Execution

47:56 – psexec Module — Execution

52:30 – Chris’s Other Talks

54:18 – Post-Show Questions