2025-08-04 –, Florentine E
Penetration tests are a race; you’re up against the clock, the blue team, and real-world criminals going after the same systems. Knowing where to look, what to spend your time on, and how to move fast is everything. This rapid-fire session delivers 22 practical tips to help you find juicy targets faster, pivot cleaner, and avoid wasting time on noise. From recon to lateral movement (and everything in between), these techniques are built for speed and getting the most out of every packet, port, and pivot. Whether you’re on a red team or just want to better understand your exposure, you’ll leave with new ways to spot weak links fast—and exploit them even faster.
Modern penetration testing is no longer about running one big scan and waiting for low-hanging fruit to drop. It’s about speed, precision, adaptability, and the ability to distinguish opportunity from noise. The faster a red team can identify viable paths to privilege or data, the more time they have to focus on meaningful exploitation—and the more value they deliver.
This talk is built for speed. It’s a rapid-fire delivery of 22 tactical tips, designed for operators working against the clock and under pressure. Each tip targets a specific phase of a real-world engagement—covering everything from network recon to post-exploitation pivots—emphasizing tools, logic, and lateral thinking that yield fast results.
The techniques in this session are grounded in real-world experience from assessments where time is short and the environment is unknown. These aren’t theoretical tactics—they’re the battle-tested shortcuts and field-proven workflows that separate successful engagements from an empty report.
This session is for:
* Penetration testers looking to sharpen their time-to-impact
* Red teamers working inside constrained, high-pressure environments
* Blue teamers wanting to understand how attackers think and move
* Developers or sysadmins curious about how attackers prioritize and exploit their systems
The primary goal is to arm attendees with fast, effective methods for:
* Finding valuable targets with minimal noise
* Recognizing indirect indicators of vulnerable systems
* Pivoting across infrastructure and through segmentation
* Avoiding tool fatigue and maximizing signal-per-effort
This talk is structured as a guided sprint through the offensive lifecycle, starting from the outside in, moving to a foothold on an intermediate system, and finally reaching the most critical targets within the environment. Each tactic is immediately useful, often tool-agnostic, and focused on high leverage with low effort.
HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability disclosure.
HD serves as the CEO and co-founder of runZero, a provider of cutting-edge exposure management software and cloud services. Prior to founding runZero, he held leadership positions at Atredis Partners, Rapid7, and BreakingPoint. HD has also been a frequent speaker at industry events such as Black Hat and DEF CON.
HD’s professional journey began with exploring telephone networks, developing exploits for the Department of Defense, and hacking into financial institution networks. When he’s not working, he enjoys hacking on weird Go projects, building janky electronics, running in circles, and playing single-player RPGs.