/ pentesting

LTR101 - Facing Your Fears

Following a wee dry spell of blog posts here's my latest(a wee quickie). At the time of writing this blog I've since done three security conference talks in my life so far!

For the duration of the year 2018, I set myself a few goals to overcome some of my fears. One of which is public speaking at security conferences, now for those of you who know me and have met me irl I'm a pretty social guy BUT believe it or not public speaking and presenting actually terrifies me.

However having been as an attendee at cons for several years, several folks have kept asking 'when will we see you present Andy?'. I decided to bite that bullet and went all out submitting four presentations to four conferences for 2018. Spoiler alert: ALL OF THEM GOT ACCEPTED! So that's a pretty good rate 100% acceptence!

  • BSides Leeds - January 2018
  • BSides Glasgow - April 2018
  • BSides London - June 2018
  • Steelcon '18 - July 2018

Two of which have been recorded and you can watch back, warning I 18++ due to my language and profanity... SORRY NOT SORRY.

So first up was BSides Leeds in January 2018, this talk was about the various different jobs a pentester can have whilst on the job and the different learning techniques that need to be adopted.

My aim was to cover off essentially how pentesting isn't always the same as poppin' shells 24/7, yes that is a fun factor of it but there is a great degree of learning that goes alongside uncharted territory which can be a lot of different jobs/apps.

Hacker of All Trades: Master of None:

Following from a great success of delivering my first talk at a UK security conference, next up was BSides Scotland. Which was held this year in Glasgow(the best city in Scotland and the REAL capital, I should add!).

This talk took an angle on how dangerious the Internet can be, how it can be used to commit murder and how OSINTing a target in a pentest can be similar to that of homicide. A bit of an obscure topic that came out of a general random chat over a pizza one day!

Internet of Death:

Next up in the coming months(I'll update this post with video links I think later) will be BSides London where I'll be delivering Breaking Into Information Security - Something Something; which will take a look on topics covered in my LTR book and other handy topics along the way. Also my other talk which will be along simlar lines will be delivered at steelcon with a similar title(undecided).

So the takeaway from this post aside from me creating silly titles for talks and winging delivery of them is that sometimes to face our fears the best and scariest solution is to face them dead on!

Happy hunting and hacking ladies and gents, thanks for reading!