EvolveSec CHI // Windows Pentesting: Analyzing the Attackers' Toolbox


Ben Burkhart and Jim Holcomb perform penetration tests against a variety of different targets and environments in their daily work as Security Consultants for Evolve Security. However, through their collaborative work with the Evolve Security Academy, they have noticed that Windows environments often give new pentesters the most trouble. In this talk, they will provide a brief survey of some of the most effective tools available to pentesters that can be used to target Windows systems and networks. Their talk will include demonstrations and an overview of how pentesters can best leverage popular tools like Impacket, Empire, PowerSploit/Powershell, and Metasploit on engagements. They will walk through a demo lab environment and explain how each tool can be used at different steps of the Penetration Testing Methodology. In addition, they will also provide an overview of tools which can be used to build an intentionally vulnerable environment that new penetration testers can use to practice and hone their skills. This will be a beginner-friendly talk that hopefully has some stuff for the more advanced folks as well.

Pizza and refreshments will be provided!