BlackHat Las Vegas – Adaptive Penetration Testing

Taught ‘Adaptive Penetration Testing’ at BlackHat. The lab environment was completely written via Terraform and Jsonnet, with dynamically generated VPN configurations for each team. It included very extensive Active Directory environments, user directories, and Linux services, and even included a Capture the Flag element with one flag requiring the successful exploitation of an EC2 instance metadata SSRF. The automation for this environment was so resilient that it is still in use today.