Our Blog

SensePost at Blackhat & Defcon 2016

Reading time ~2 min

The annual Hacker Summer Camp is nearly upon us, everyone at SensePost is getting ready. This is a brief overview of what we’ll be doing. The tl;dr is: BlackHat Training, BlackHat Arsenal x2, Defcon talk & Stickers :)

BlackHat Training

We’re back at BlackHat for our 15th year of training with a selection of courses ranging from introductory courses for beginners through to hardcore courses for experts.

BlackHat Arsenal

We were fortunate enough to have two tools accepted for BlackHat Arsenal this year. We think building open source tools for the hacker community is an important part of how we roll, and we appreciate ToolsWatch and the NETpeas crews efforts with arsenal.

The first is autoDANE (automatic domain admin and network exploitation) by Dane Goodwin (we made him call it that). Which is a console to automate lateral movement and privilege escalation in Windows Active Directory environments.

The second is DET (data exfiltration toolkit) by Paul Amar. A tool to help you exfil data from corporate networks in all sorts of sneaky ways.

Defcon 24

We’re super excited to have been accepted at Defcon this year. Rogan and I will be talking about overlooked aspects of USB security. Like any good talk, this will also see the release of open hardware and code to demonstrate an end-to-end attack. Highlights include: gaining remote control, using a device that fits in a flash drive, to own even airgapped hosts, via stealthy channels (no network interface on host). For further information on this, stop by the talk or read the full abstract.

Stickers

Chs4uUVW0AQAXL2

Last, but not least. Daniel has put together some great stickers filled with all sorts of hackers easter eggs including a tribute to Ray Tomlinson. Mail training@sensepost.com if you’ll be at BH/DC and would like one.

We look forward to seeing you there.