Hacking is hard, right? Our networks are being penetrated by ninjas and foreign governments with elite skills, right? To some extent decision makers in your organization probably believe that. The perception that only an elite few people can break into your organization is probably driving business decisions to limit your security budgets and put valuable resources on more pressing issues. When the adversary is no longer the elite government agent with no motive to attack you and instead is anyone you may have rubbed the wrong way who knows how to rename a file you tend to look at risk differently. This talk is intended to show you some very practical and simple attacks that you can demonstrate to management to change their perception.