Presentation Title Gone in 60 Minutes: Stealing Sensitive Data from Thousands of Systems Simultaneously
Presentation Abstract
Got domain admin to a couple of thousand Windows systems? Got an hour to spare? Steal sensitive data from all of these systems simultaneously in under an hour with OpenDLP.
OpenDLP is an open source, agent-based, massively distributable, centrally managed data discovery program that runs as a service on Windows systems and is controlled from a centralized web application. The agent is written in C, has no .NET requirements, uses PCREs for pattern matching, reads inside ZIPs like Office 2007 and OpenOffice files, runs as a low priority service so users do not see or feel it, and securely transmits results to the centralized web application on a regular basis. The web application distributes, installs, and uninstalls agents over SMB; allows you to create reusable profiles, view results in realtime, and mark false positives; and exports results as XML.
About Andrew Gavin
Andrew Gavin, creator of OpenDLP, is an information security consultant with more than ten years of experience in security assessments of networks and applications. He has consulted for numerous customers in various industries around the world.