Description: Client Sides are the new remote exploit. If you aren't allowing client side attacks during your vulnerability assessments or penetration tests you are ignoring a huge attack vector and the current attack method. You are also failing to exercise your internal and host based exploitation countermeasures (HIDS/HIPS), your ability to test and respond to client side attacks and internal attackers, and missing a valuable opportunity for user awareness training.
This talk will focus on justifying why you should be allowing client side penetration testing and giving penetration testers a basic methodology to conduct client side attacks during their penetration test. We will also give (mostly real-world) examples we used during client side penetration tests to go with our methodology.
Tags: securitytube , notacon , nota con , hacking , hackers , information security , convention , computer security , nota 6 , notacon 6 , notacon-6 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.