Wrangling Malware for Fun and Pentesting

As a pentester, we're always looking for ways to crack the perimeter and establish a foot hold. But we're busy right? So, why re-invent the wheel? Malware is making it past companies perimeters everyday. "Wrangling Malware for Fun and Pentesting", explores the idea of re-using malware delivery and obfuscation techniques for pentesting. We will take a phishing email with an obfuscated malware payload, deobfuscate it, review the code, replace the malware with a pentesting payload, re-package it, and deploy it for pentesting.

John Freimuth

John Freimuth - In Security since 2010, but professionally since 2012. Currently pentesting with a health company in the valley. You might remember me from such talks as "Return of the Dork or "Spy V Spy".

Alex Stockwell

Alex Stockwell - Security Engineer; 10+ years of software engineering, with a security focus for most of it. "Security is more interesting than browser bugs".