My talk “So you want to be a pen tester?” was accepted by DerbyCon. Come out and support me – or at least by me a beer :). Per one of my previous posts – all monies earned for the talk will be donated to HFC. I would also like to do something different – if you are a vendor and donate $$ to HFC, and provide me a shirt/t-shirt (xxl). I will wear it during my talk. For those that don’t know I am 6’2” and about 280lbs and make a great billboard.
Enough commercialization here’s more on my talk:
When many pen testers, myself included, are just starting out they focus their testing efforts on the “cool” stuff (the latest exploit, pwning the database, getting root, etc.) and pay little attention to the other “not so cool” aspects of pen testing. This is reiterated in many of the CON talks – the new tool, the new exploit, etc. and always seems to be the biggest draw. My talk: ‘So you want to be a Pen Tester?‘ is a unique and perfect example of the phrase “Dare to be Different” – one of my favorite mantra’s and a philosophy I strive to live by. Rather than focusing on tools/exploits, my talk will hone in on the pen testing life cycle, understanding good reports/bad reports, and how a commercial pen tester can differentiate themselves from the competition. Intended audience – intro to expert level “white hat” pen testers. Although not technically a tool, my version of the pen testing framework (Mind Map) will be released in conjunction with this talk.