Description: As a pentester, when was the last time you 'recovered' deleted files from the MFT of a pwned box? Ever used an index.dat parser for identifying your next target? Do you download browser remnants of your victims to gather their saved form data?
Despite the sensitive information uncovered through forensic techniques, the usage of such concepts have primarily been limited to investigations and incident response. In this talk, we will cover the basics of "Offensive Forensics", what information to look for, how to find it, and the use of old tools in a new way. After looking at the post-exploitation potential, we'll dive into real-world examples and release the first ever "Vulnerable [Forensics] by Design" machine!
Benjamin Caudill (@RhinoSecurity) is a principal consultant for Rhino Security Labs, an IS consulting and managed security firm. Prior to his years in consulting, Ben worked as a penetration tester and incident responder in the aerospace and finance industries.
When not hacking all the things, he enjoys long wardrives on the beach and drinking too much (not necessarily in that order).
For More Information please visit : - https://www.defcon.org/html/defcon-21/dc-21-speakers.html
Tags: securitytube , hacking , hackers , information security , convention , computer security , defcon-21 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.