The document discusses gaining control of a situation through intelligence gathering and search techniques in order to find vulnerabilities that can be exploited to perform unparalleled events. It explores controlling the landscape through applying intelligence operations, information warfare, data science, and cybersecurity to search for and sample applications that allow one to exploit and destroy through techniques like searching for PHP errors that enable SQL injection. The session aims to explore this landscape and applications of control, search, exploit, and destroy.

1. CTRL, Search, Exploit,
and Destroy
Maurice E. Dawson, Ph.D., D.C.Sc., SMIEEE
Assistant Professor
Director, Center for Cyber Security and Forensics Education
Illinois Institute of Technology | School of Applied
Technology

2. Session Overview
2
An ever-evolving technological landscape also
means a rapidly changing digital battlefield. The
integration of intelligence, psychological operations,
information warfare, data science, and
cybersecurity has allowed for unparalleled events
to be possible. This session is to explore the
landscape and sample some of the applications to
perform this exploration.

3. 3
CTRL

4. CTRL
First, an individual must gain
control of the situation. This
enables an individual to
appropriately plan out,
strategize, and then execute
the attack.
4

5. 5
SEARCH

6. Search
Intelligence Gathering
Open Source Intelligence
Human Intelligence
Measurement Intelligence
Geospatial Intelligence
Signals Intelligence
Technology Info Gathering
OWASP Top 10
Photo Metadata
Technology & Device Manuals
Network Mapping
Source Code Analysis
Software Vulnerabilities
Hardware Vulnerabilities
6

7. 7

8. 8

9. 9

10. 10
Search for php errors that can
allow for SQL injection. This
can range from inappropriate
pass through of a variable to a
badly chosen variable.

11. 11

12. 12

13. 13

14. Exploit
14
EXPLOIT

15. 15

16. 16

17. 17

18. 18
DESTROY

19. 19

20. 20

21. 21

22. 22