This is the slide deck that I used when presenting at FSU's Cyber Security Club. This presentation was supposed to give a description of what Red Teaming, Pen Testing, and other roles do.
2. What’s this talk about?
● Who I am
● How I got started in the industry
● What is “red teaming” and/or “pen testing”
● Different Offensive Jobs
● Where is the field going?
● How to learn and get your foot in the door
● Questions
3. uid=0(@ChrisTruncer)
● Christopher Truncer (@ChrisTruncer)
○ Hacker
○ Open Source Software Developer
■ Veil Framework Developer
○ Florida State Seminole
○ Random certs… blah
● Red Teamer and Pen Tester for Mandiant
4. How I Started
● College
○ College computer security class
○ Hack my roommate
■ “Wow, hacking is real”
○ Took a security class
○ Decided this is what I wanted to do
■ …. is this even a job?
5. How I Started
● Start off in a technical role
○ Wanted to get a technical foundation before moving into security
● First job, not what I wanted
● Became a Sys Admin at Northrop Grumman
○ Stayed for about 2 years
● Began my plunge into security, and haven’t looked back
20. Tale of Two Tracks
● All team members will typically start in a general pen testing position
● With experience, you will typically specialize
○ Red Team? Web Apps? Thick Clients?
● After specialization, two main tracks exist
○ Technical Track
○ Management Track
21. Tale of Two Tracks
● Technical
○ Performing research, or concentrating on leading technical challenges
■ Tech SME
○ Live and die by your own sword
● Management
○ Lead teams running assessments
○ Could stay technical… “It depends”
22. Tale of Two Tracks
● Both tracks have their pros and cons
● Honestly, just figure out what you love to do
○ It’s what the beginning stage of pen testing is designed to let you do
● Find your passion in this, and go for it
○ This field is filled by people who LOVE what they do
26. Exploit Developer
● Typically not on Ops
○ Not on keyboard
● Performing research on various technologies
○ Predominantly includes low-level analysis
■ Be very comfortable in a debugger and decompiler
■ Understand the basics of exploitation
● Buffer overflows, SEH overwrites, egghunters, etc.
27. Exploit Developer
● This can be really fun and rewarding
○ Perfect for people who really like taking apart puzzles and finding holes
○ Can be VERY time consuming - might take 6 months of research to find a vuln you can exploit
○ Might not find a vulnerability
○ Make a lot of money
29. Where’s the field going
● Pen Testing and Red Teaming are relying less on technology, and more on people
○ Human error is easiest to exploit
■ Layoff Example
○ Misconfigurations/Poor configurations are what we look for now
■ User-Hunting
○ This is likely the way forward
30. Where’s the field going
● Exploitation is getting harder to do
○ Defensive technologies are making life hard
■ Used to see lots of exploits, post Win 7 -> not as much
○ Not many companies are offering pure exploit development positions
■ Government positions
■ Third party companies
31. Certifications
● They can be… ok..
○ Sometimes needed to help get past HR
○ They are NOT a sign of competency
● Best certs, look at Offensive Security
○ OSCP - Pen Testing
○ OSCE - Exploit Development
● This style of certifications demonstrates knowledge and is respected
32. What I wish I knew
● Be prepared to be uncomfortable at times
○ Always in a new environment with new “stuff” and you’re expected to break it
○ Perk of the job too :)
● Build your process
○ Learn how you best approach networks, web apps, etc.
○ Use this to face what you don’t know
33. Get Into Coding
● Learning to code/script will be invaluable
○ Add functionality, or write your own tools
○ Manipulate large data sets
○ Nearly a requirement to be successful
34. Where to start coding?
● Pick a language to learn
○ Windows -> PowerShell
○ Linux -> Bash, Python, or Ruby
● Find something tedious
○ Automate it!
35. How to Learn
● Go to security conferences!
○ Might be anywhere from $10 - $300
○ BSides Conferences are local and almost always free, or super cheap
● Build your own lab
○ VMware is your best friend
○ VulnHub
● Try free CTFs
● Twitter!