Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes

80 views

Published on

ntxissacsc5

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes

  1. 1. Target Acquired: DIY Pentest Lab Dustin Dykes / Wirefall / @DHAhole
  2. 2. NTXISSACSC5
  3. 3. Local Resources ● NTXISSA – https://ntxissa.org – 3rd Thursday ● Ft. Worth ISSA – https://www.issafortworth.org/ – 2nd Tuesday ● NTXCSG – https://www.meetup.com/NTXCSG/ – Last Thursday ● DC214 – http://dc214.org/ – 2nd Wednesday ● Hack FtW – http://hackftw.com/ – See DFW InfoSec Calendar (@DFW_InfoSec)
  4. 4. Local Resources ● Dallas Hackers Association (DHA) – 1st Wednesday @ Family Karaoke (http://familykaraokedfw.com/) – https://dallashackers.com/ – Meetup: Dallas-Hackers-Association – Twitter: @Dallas_Hackers ● DHA Capture the Flag (CTF) – Commander (@c0mmand3rOpSec) – Prevade Cybersecurity (https://www.prevade.com/) ● DHA Lockpick Village – Moe Bius (@RadlyRedundant)
  5. 5. Match the Attacker to the Weapon (Analogy) 1) n00bs! 2) Script Kiddies 3) L33t Hax0rs 4) Hacktivists 5) Professionals 6) Criminals 7) APTs/Nation States A) ICBM B) Pea Shooter C) IED D) Hammer E) Machine Gun F) Pistol G) Sarin Gas
  6. 6. Responsible Testing
  7. 7. Pentest Lab Environments ● Bad – Internet (Shodan) – Work/Client ● Good – Web-based CTFs – Cloud-based CTFs – Remotely Hosted Labs – Locally Hosted Labs – Bare Metal – Locally Hosted Labs – Virtualized – Locally Hosted Labs – Hybrid
  8. 8. Bare Metal
  9. 9. Virtualized
  10. 10. Hybrid
  11. 11. Hardware ● Simplicity ● Redundancy ● Exploitation practice and development – Hardware only equipment – IoT ● Virtualization considerations – Full virtualization vs. paravirtualization (VT-x/AMD-V) – Storage – Memory – CPU cores
  12. 12. Virtualization Software
  13. 13. Labs

×