Abstract
Three years of penetration testing and red team experience make for some adrenaline resistance, many technical challenges, and interesting war stories with a facepalm factor. Sprinkled in between, there is also a bit of custom malware development, small gadgets and tools of our own tinkering, next-gen security bypasses, and one or two minor zero days.
This talk aims to share some of that fun: Giving insights into realistic adversary simulation (including both digital and physical intrusion). The talk will first introduce methodological approaches typically pursued by a red team. Once the foundation has been laid, the talk will focus on a set of examples for each phase of a typical red team engagement. These examples will be tightly interwoven with anonymized accounts of several assessments we have performed all over Germany. Explanations will be provided on how to get past antivirus, IT administrators/the blue team, next-gen firewalls, doors, windows, Windows, security guards, and cleaning ladies (hint: being nice is the best way to be evil). Through the talk, participants will gain an understanding of how a red team (in this case, ours) thinks, plans and acts, solved technical and non-technical challenges, and had lots of fun - which, hopefully, the attendants will have too.
