March 2016 – Common Network Penetration Testing Techniques

hack all the things

Our discussion subject for the month of March was Network Pen Tests.

  • What are they?
  • Do they provide value?
  • How are they done?
  • What do you do with the results?

Our guest speaker was Russel C. Van Tuyl (@Ne0nd0g). Russel is an experienced Network Pen Tester with Sword & Shield in Knoxville, TN and has agreed to walk us through his Network Pen Testing procedures.

Here is a quick write up about his presentation:

Attackers can take complete control of a Windows domain by establishing full administrative rights to networks resources. This access can then be used to steal your organizations crown jewels, the thing that makes your organization money. This talk will introduce common attack paths used to compromise a domain. Additionally, a brief introduction to the tools used to perform some of these common attacks will be covered. This presentation will conclude by providing information on mitigating or detecting these common attacks. The audience will be provided with an opportunity to ask any questions, even if they’re not related to the presentation.

Update: Russel did a fantastic job presenting. His presentation was entertaining and had a ton of great information. He not only covered some of the techniques he uses when pen testing, he also talked about ways to mitigate them. If you didn’t walk away with a “To Do” list of things to check on your network, or a list of fun new things to try, you weren’t paying attention.

Here are the slides from the presentation:

Common Pen Testing Techniques

RISE - March 2016

PowerShell Empire

 

He demonstrated how PowerShell can be an admins best friend, or worst enemy, by showing us how easy it was to use PowerShell Empire to compromise a box.

 

Our own Grant Sims has since created step by step video showing how to use one of the PowerShell techniques Russel spoke about. He shows how to use PowerSploit to get a meterpreter shell:

Nov 2015 – Cyber Warfare Threat

At our Nov. 2015 meeting our guest was Col. Lapthe Flora (bio below), brigade commander of the 91st Troop Command. He shared his experience dealing with the advance persistent threat represented by outside actors. He talked about some of the steps DoD is taking for prevention, how cyber warfare is moving out of the realm of science fiction and becoming a real threat and weapon, and current need for DoD to develop talent.

Col. Flora’s Bio:
Col. Lapthe Flora is currently the brigade commander of the 91st Troop Command, headquartered at Bowling Green, Va. Col. Flora’s command includes the Petersburg-based 276th Engineer Battalion, the Sandston-based 2nd Battalion, 224th Aviation Regiment, the Fairfax-based Data Processing Unit, the Norfolk-based Joint National Guard Augmentation Unit and the Fairfax-based Information Operations Support Center.

Flora started his military career in 1988 in the Virginia National Guard after graduating from the Virginia Military Institute and has since served in every staff position within 1st Battalion, 116th Infantry Regiment, 116th Infantry Brigade Combat Team, including as commander of that battalion. Additionally, Flora served as the 116th IBCT executive officer, 29th Infantry Division’s director of operations and most recently as the Joint Force Headquarters – Virginia director of strategic plans. He has successfully completed three overseas deployments to Bosnia, Kosovo and Afghanistan.

In his civilian capacity, Flora is the Senior Applications Engineer with Harris Night Vision & Communications Solutions in Roanoke, Va., and holds six patent awards related to the AN/PVS-14 and AN/AVS-9 night goggles.