Pentesting with live malware

Gunter Ollmann IOActive

Despite morphing into vulnerability scanning and tick-box compliance in recent years, there is still a need for hardcore penetration testing. Sure, the bad guys continue to probe defences, scan open ports and enumerate visible services, but external attacks that exploit unpatched vulnerabilities and manage to breach corporate defences through the front door are an increasingly rare breed. Instead, the vast majority of successful attacks are based upon malware delivered through a barrage of social engineering, trickery and browser-level subversion.

Penetration of an enterprise network requires the defeat and subversion of multiple layers of defence - including anti-virus and intrusion prevention technologies. In order to test these defences, it is necessary to construct and deploy the same kind of advanced and stealthy malware as employed by the best cybercriminals. This paper explores new penetration testing methodologies designed to replicate current generation attack profiles and stress the layered defence model. Insight is provided into crafting custom malware for the purpose of corporate penetration and red-team exercises.

VB2013 takes place 2-4 October 2013 in Berlin, Germany.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Click here for more details about the conference.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.