BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesaugusta2023//speaker//GBW7AR
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesaugusta2023-MDJ7PV@pretalx.com
DTSTART;TZID=EST:20231007T123000
DTEND;TZID=EST:20231007T133000
DESCRIPTION:The offensive industry is about exploring what’s possible. Pa
 rt of this is observing and taking lessons from other disciplines that hav
 e already solved a myriad of related challenges\, from proper software eng
 ineering practices to using graph theory for offensive problems. But despi
 te various leaps forward over the last several years\, the offensive post-
 exploitation community has yet to fully embrace data analysis and enrichme
 nt pipelines beyond basic log aggregation and searching. If offensive tool
 s were structured for automated processing instead of solely human consump
 tion\, we could unify post-ex data to exploit the known (and unknown) rela
 tionships within the data our offensive tools emit.\n\nImagine a system th
 at could ingest data from any C2 framework or post-ex tool\, and could not
  just automate common operator tasks like binary analysis for known vulner
 abilities and hash extraction and cracking of encrypted documents\, but co
 uld perform complex offline analysis like host privilege escalation. If we
  could unify all post-exploitation data from offensive engagements we coul
 d improve operator workflows\, provide tradecraft assistance\, facilitate 
 automation of onerous tasks\, and uncover new data-driven research opportu
 nities. A year ago\, our team embarked on the development of just such a s
 ystem\, and we are excited to introduce the result of our effort: Nemesis.
 \n\nThis presentation will start by detailing the various red team challen
 ges regarding data\, leading into how this influenced Nemesis’ architect
 ural decisions and design. Along the way we’ll cover various time-saving
  automations Nemesis can perform along with offensive data enrichments and
  analytics the engine can produce. This is the start of a true universal o
 perator assistance platform\, with operator guidance contextualized by dat
 a as it comes into command and control platforms. Beyond this\, Nemesis wi
 ll enable the emerging discipline of offensive data analysis\, which we ho
 pe will unlock possibilities we can’t even imagine.
DTSTAMP:20260306T112300Z
LOCATION:Track 3
SUMMARY:Meet Your Nemesis: Fighting Data With Data - Will Schroeder\, Maxwe
 ll Harley
URL:https://pretalx.com/bsidesaugusta2023/talk/MDJ7PV/
END:VEVENT
END:VCALENDAR
