ToorCon TwentyOne speaker: Jesse (@bashexplode)

Jesse Nebling is a senior engineer and operator on an internal Red Team for a Big 4 firm, a guitarist of cult classic band Free Parking!, and an electronic music producer (@bashexplode) based out of Seattle. Jesse was a consultant for over 7 years that has done penetration tests and full scope red team operations for businesses in a ton of industry sectors including quite a few Fortune 100 businesses. Now that he is helping build out a new Red Team, he is refining and developing awesome new tactics and tools for all steps of the killchain.

The speaker's profile picture


Purple Haze: The SpearPhishing Experience

Someone great once said "pentesting doesn't have to be all dropping exploits and launching shells." I disagree. Not many people truly understand the grueling task of developing a new campaign, designing sick docs, building killer malware, or why the Red Team operates the way they do during a spearphishing campaign to ‘get those shells’. This talk will cover what the Red Team is really doing when they are trying to gain a foothold through social engineering as well as how Blue Teams can leverage this technical insight to combat the dreaded spearphish.