Summary:

In this episode of Exploring Information Security, host Tim De Block sits down with James Gillkey to discuss hands-on hacking training at ShowMeCon. James is revamping a long-standing pentesting training course to bring modern techniques, updated tools, and a focus on efficiency to security professionals. He shares insights into building effective training labs, leveraging Python virtual environments, and incorporating real-world offensive security methodologies into a structured learning experience.

Topics Discussed

• The evolution of hands-on hacking training and its history

• Setting up virtualized pentesting environments with Python and GitHub tools

• Common mistakes in pentesting and how to avoid them

• The balance between red team engagements and SOC awareness

• The importance of password cracking, enumeration, and network recon

• How cloud security assessments differ from traditional network pentesting

• The role of AI in pentesting and whether it’s a useful tool or a shortcut

• ShowMeCon’s Fallout-themed hacking lab and what to expect in the training

Key Takeaways

• Hands-on experience is crucial. The best way to learn pentesting is by doing it.

• Virtualized environments simplify tool management and prevent conflicts.

• AI is an emerging tool in pentesting, but it doesn’t replace fundamental knowledge.

• Cloud security requires a different mindset due to its unique challenges and toolsets.

• Communication with SOC teams is essential to avoid unnecessary panic during testing.

• Efficiency matters. The goal of the training is to give students actionable skills they can use immediately.

Further Resources

• James Gillkey on Twitter/X – @RetroCodex

Use the promo code “ExploringSec” to get $50 off your registration

Showmecon Links and Resources:

• Learn more about ShowMeCon: showmecon.com

• Register for Training or the Conference: Registration Link

• Event Venue and Room Block Information: Ameristar Casino & Resort

• Connect with the Founder of ShowMeCon Dave Chronister: LinkedIn Profile

• Connect with the Head Organizer for ShowMeCon Brooke Deneen: LinkedIn Profile

Support the Podcast:

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn][YouTube]