Webcast: Pentester Tactics, Techniques, and Procedures TTPs w/ Chris Traynor
Penetration Testing is often considered a dark art that’s shrouded in mystery. This unfortunate perception can hold back organizations from being more secure and keep people from an exciting career.
In this Black Hills Information Security (BHIS) webcast, join Chris Traynor (@cstraynor) as he shares the tactics, techniques, and procedures (TTPs) for a Pentester.
Chat with your fellow attendees in the Infosec Knowledge Sharing Discord server here: https://discord.gg/fr5wqbF — in the #webcast-live-chat channel.
/// Chapters 00:00 – Pentester Tactics, Techniques, and Procedures (TTPs) with Chris Traynor
00:21 – Whoami
00:56 – Agenda
02:36 – Baseline Terminology
08:12 – Reconnaissance — Tactic/Intended Effect
09:15 – Nmap — Tool/Mechanism
11:14 – Nmap — Execution
14:36 – Recon-ng – Tool/Mechanism
19:57 – Recon-ng — Execution
22:34 – Recon-ng — Cheatsheet
25:13 – Account Enumeration — Tactic/Intended Effect
26:10 – Burp Repeater — Tool/Mechanism
27:01 – Burp Repeater — Execution
33:51 – Password Spraying — Tactic/Intended Effect
39:15 – Burp Intruder — Tool/Mechanism
40:15 – Burp Intruder — Execution
44:17 – smb_login Module — Tool/Mechanism
45:51 – smb_login Module — Execution
47:56 – psexec Module — Execution
52:30 – Chris’s Other Talks
54:18 – Post-Show Questions