Pentesting Chatops

In this talk Melanie Rieback will introduce the basics of Pentesting ChatOps, and will discuss the processes and open-source tools needed to enable Pentesting ChatOps within your own organization. ChatOps, a concept originating from Github, is chatroom-driven DevOps for distributed teams, using chatbots (like Hubot) to execute custom scripts and plugins. We have applied the concept of ChatOps to the penetration testing workflow, and found that it fits outstandingly – for everything from routine scanning to spearphishing to pentest gamification. This talk discusses the tools that we use (RocketChat, Hubot, Gitlab, pentesting tools), and provides battle stories of using Pentesting ChatOps in practice.