BEGIN:VCALENDAR PRODID:-//vBulletin 6//EN VERSION:2.0 CALSCALE:GREGORIAN BEGIN:VEVENT UID:d3e8b5aa-6d8d-496c-b49e-f6f6941cba9a DTSTAMP:20260428T202238Z SUMMARY:Lambda Looter - Doug Kent &\; Rob Ditmer DESCRIPTION:Lambda Looter\n\nSaturday August 12\, 10:00 – 11:55\, Accord Boardroom\, Forum\n\nDoug Kent & Rob Ditmer\n\nOrganizations can have thou sands of lines of code that are stored in Lambda on AWS. This application was built to help reduce the amount of time it takes to review that code. On our last Pen Test\, we had so much Lambda code to review it was impossi ble to parse through all of it in the short amount of time assigned to our test. This lack of time created a necessity to automate the review of tha t lambda code for secrets. Lambda Looter will take a list of profiles and scan through them and download the code you have access to and then proces s that code for secrets\, outputting any potential secrets to a loot direc tory. Even though this tool can generate a number of false positives it ma kes looking for secrets much faster than scanning the code manually.\n\nDo ug has worked at State Farm for about 20 years. Working on mostly security technologies ranging from Active Directory\, PKI\, Endpoint protection an d finally landing recently on the Pen Testing team. Doug has a passion for identifying vulnerabilities and partnering with control solution teams to protect State Farm data and fulfill our promise to customers. He strives to help others with offensive security skills by providing training\, guid ance\, and kill chain demonstrations.\n\nRob has been on the State Farm Pe nTesting Team for 2 years. Prior to his time at State Farm\, he has worked with various other companies as a penetration testing consultant – enab ling him to experience a wide range of technologies and their differing im plementations. Rob enjoys the challenge of developing tools and infrastruc ture to better the skills and abilities of the PenTesting team\, ultimatel y to better the protections around State Farm data.\n\nAudience - Penetrat ion Testers\, Red Teamers\, AWS Admins\, AWS Developers\, Threat Hunters ​ URL:https://forum.defcon.org/node/246323 DTSTART:20230812T180000Z DTEND:20230812T195501Z LOCATION:Accord Boardroom\, Forum END:VEVENT END:VCALENDAR