Join SANS Instructor John Strand as he discusses some really novel approaches to demonstrating business risk through penetration testing - with some awesome recommendations for post-exploitation activities. John will look at ways to surreptitiously plunder target machines and pivot through target environments more flexibly than ever in this fun and engaging webcast. Every security professional (from defender through analyst through pen tester) should know about these techniques, which mimic the capabilities of real-world bad guys.
We will also be sharing a new backdoor we created which uses gmail as a command and control point and some awesome new netsh research by Ed Skoudis!