SANS KringleCon / Holiday Hack 2019
John Strand, Keynote: A Hunting We Must Go
- Interval, con time, data size.
- Holes in an org are just as important to detect as threat actors.
- Deception time + Reaction time < Time to perform attack.
Katie Knowles, How to (Holiday) Hack It: Tips for Crushing CTFs & Pwning Pentests
- Recon -> ID Vuln -> ID Exploit -> Test -> New Info Integrate
1. Understanding the Problem
- Drawing is a useful way to visualise a problem, e.g.:
  [Image not preserved; credit: Katie Knowles]
- Google things; look for other things that are similar.
- Keep a list of what has been done, then make sure all bases are covered in each step, e.g. all ports checked, UDP as well?
3. Carry out the plan
4. Looking Back
- Record your steps, useful links, wiki.