We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

RECON VILLAGE - PREBELLICO: 100% Passive Pre-Engagement and Posz Compromise Reconnaissance Tool

00:00
subtitles
off
playback rate
1
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
576p
5
 Cite
 Share
 Download Purchase
No logo availableDEF CON
 Suthers, William

Formal Metadata

Title
RECON VILLAGE - PREBELLICO: 100% Passive Pre-Engagement and Posz Compromise Reconnaissance Tool
Subtitle
Because There's No Patch for Passive Reconnaissance
Alternative Title
Prebellico 100 Perfect Passive Pre-engagement/Post Compromise
Title of Series
Number of Parts
322
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
When attacking modern internal networks, intelligence is everything. Understanding the environment you are operating in can be the difference between successfully penetrating your target environment or missing targets of opportunity due to lack of understand about the target environment. While true, obtaining information about the environment in a stealthy manner, when required, can be difficult within a mature environment. Even during overt engagements, obtaining the information you need within a limited time window can be difficult, especially during engagement delays. Further complicating things, often testing scope is based off of poor assumptions about the target environment, often leading unrealistic scope reductions a real-world attacker would not operate out of. Over the years internal testing engagements have been operating on various assumptions within switched networks, often driving engagement execution methods, but what if these assumptions were wrong? What if we could utilize the wasted time, even weeks in advance, between deployment and engagement execution, to take the time to understand the network? What if we could leverage the realities of modern networks and the things customers do to ‚Äòprepare’ for an engagement (backups, security scans, etc.) through 100% passive methods, challenging your assumptions about the network? Prebellico is pre-engagement and post compromise intelligence gathering mechanism designed to gather as much information about the target environment through 100% passive methods. Utilizing very few resources, Prebellico permits an attacker the ability to understand the target environment by providing information such as the intent of internal systems, internal network address space, hostnames, egress filtering, TCP trust relationships, as well as map open TCP/UDP ports through reverse port scanning using 100% passive techniques.”
00:00
Perspective (visual)SoftwareValidity (statistics)Group actionComplete metric spaceEnumerated typeDifferent (Kate Ryan album)AuthorizationMultiplication signRight angleDemo (music)Heat transferSoftware developerComputer animation
02:00
Information technology consultingSoftware testingSlide ruleField (computer science)Information securitySelf-organizationMusical ensembleSoftwareHacker (term)Product (business)Integrated development environmentExpected valueTerm (mathematics)Real numberOperator (mathematics)CuboidoutputData conversionDivergenceInjektivitätLogical constantFamilyPoint (geometry)Client (computing)WhiteboardMultiplication signOverhead (computing)Right angle
04:08
Hacker (term)Physical lawDivisorSet (mathematics)Mechanism designFlow separationBit rate
05:00
Pulse repetition frequencyEnumerated typeValidity (statistics)Integrated development environmentPhysical systemNumberEnumerated typeExploit (computer security)Figurate numberChainMereologyOperator (mathematics)Pay televisionStatement (computer science)Spacetime
05:55
Perspective (visual)DatabaseComputer hardwareInformationPerspective (visual)SoftwareNetwork topologyLevel (video gaming)Integrated development environmentArithmetic meanDuality (mathematics)Limit (category theory)Hydraulic jumpDataflowQuicksortAreaLogical constantServer (computing)InternetworkingConnectivity (graph theory)Information securityBridging (networking)Open setAuthenticationCommunications protocolData conversionReverse engineeringInternet service providerStudent's t-testKey (cryptography)Different (Kate Ryan album)Exploit (computer security)Service (economics)Default (computer science)DialectState of matterAlgebraGroup actionMereologyOvalConfiguration spacePoint (geometry)Source codeWorkstation <Musikinstrument>Degree (graph theory)Multiplication signComputer animation
08:47
Type theoryTask (computing)Uniqueness quantificationAuthenticationWordMotion captureMessage passingForcing (mathematics)Physical systemMetropolitan area networkComputer animation
09:19
Game theoryIntegrated development environmentReal numberBroadcasting (networking)Communications protocolData miningPasswordMusical ensembleCASE <Informatik>MetadataProxy serverRight angleService (economics)Enterprise architectureMereologyVotingOnline helpEqualiser (mathematics)Computer animation
10:19
WindowIntegrated development environmentLetterpress printingMereologyServer (computing)Dependent and independent variablesCASE <Informatik>System administratorInformation securityCuboidException handlingComputer animation
11:11
Phase transitionSoftware testingLogical constantControl flow2 (number)Integrated development environmentInternetworkingComputer animation
11:45
Software testingPhase transitionSoftwareIntegrated development environmentData transmissionVariable (mathematics)MereologyPlanningCivil engineeringInteractive televisionBlock (periodic table)Form (programming)QuicksortInternetworkingDirect numerical simulationComputer animation
12:36
Software testingPhase transitionAnnulus (mathematics)Electronic mailing listInformationInteractive televisionPort scannerDressing (medical)Virtual machineRight angleData managementSoftwareWindowIntegrated development environmentBitResultantSampling (statistics)Broadcasting (networking)Source codeFingerprintSoftware developerUsabilityGroup actionDataflowDependent and independent variablesSystem administratorWordFile formatElement (mathematics)Multiplication signFigurate numberPosition operatorComputer animation
15:06
PasswordSocial classWordInformationSoftwareWindowIntegrated development environmentHecke operatorGateway (telecommunications)Asynchronous Transfer ModeVideo game consoleData storage deviceStandard deviationRight angleComputer animation
16:05
Integrated development environmentPasswordServer (computing)Right anglePosition operatorSoftwareSoftware testingSeries (mathematics)Exterior algebraHand fanRouter (computing)BackupComputer fileClient (computing)Forcing (mathematics)Moment (mathematics)QuicksortDivisorBroadcasting (networking)Grass (card game)TouchscreenComputer animation
17:14
MathematicsIntegrated development environmentIntelGoodness of fitPoint (geometry)Touch typingFeedbackVirtual machineMusical ensembleLaptopKey (cryptography)Multiplication signComputer animation
18:00
Computer hardwareBefehlsprozessorBitLocal ringTable (information)Router (computing)Roundness (object)Selectivity (electronic)Different (Kate Ryan album)Message passingSpacetimeService (economics)Bookmark (World Wide Web)Computer fontMusical ensembleRight angleComputer animation
21:42
Infinite conjugacy class propertyWireless LANWireless LANRight angleMereologyRow (database)FamilyComputer animation
22:39
Row (database)Hecke operatorMereologyEqualiser (mathematics)Greatest elementMultiplication signMessage passingService (economics)Source code
23:07
SoftwareIntegrated development environmentData structureDescriptive statisticsAreaInjektivitätAuthenticationCharacteristic polynomialWireless LANTrigonometric functionsMultiplication signComputer animation
23:51
InformationSpeech synthesisValidity (statistics)Group actionPhysical systemTable (information)Term (mathematics)Configuration spaceFamilyServer (computing)Water vaporProcess (computing)Musical ensembleStudent's t-testAddress spacePasswordStreaming mediaDifferent (Kate Ryan album)Multiplication signRight angleGame controllerMathematicsBand matrixCausalityBitExistential quantificationFrame problem
26:17
Maxima and minimaDenial-of-service attackMaizeMenu (computing)Pointer (computer programming)Integrated development environmentSoftware developerMusical ensembleDatabaseInformationPerspective (visual)SoftwareSoftware testingBitExistential quantificationPrice indexIntelPhysical systemPolygon meshCore dumpTable (information)Term (mathematics)Hydraulic jumpDataflowQuicksortSystem callConfiguration spaceInternetworkingBasis <Mathematik>Process (computing)Instance (computer science)State observerRouter (computing)AuthenticationData storage deviceWordPersonal identification numberData transmissionFirewall (computing)Observational studyTraffic reportingComputer fileMiniDiscTouchscreenSingle-precision floating-point formatMultiplication signService (economics)Demo (music)Forcing (mathematics)Maxima and minimaMatter waveDivisorServer (computing)PlanningPulse (signal processing)Personal digital assistantStudent's t-testElectronic mailing listClosed setDifferent (Kate Ryan album)ArmSpacetimeRight anglePort scannerComputer animation
34:22
InformationSelf-organizationDressing (medical)Computer programmingEntire functionIntegrated development environmentRemote procedure callField (computer science)Musical ensembleModule (mathematics)Focus (optics)Source codePlastikkarteOpen sourceCondition numberContext awarenessMultiplication signRule of inferenceWritingRight angleCodeHacker (term)WindowBand matrixLeakComplete metric spaceOpen setFrame problemEnterprise architecture
Transcript: English(auto-generated)