TMI: Testing and Exploiting SharePoint presented at DerbyCon 2013

by Kevin Johnson, James Jardine,

Summary : SharePoint has become one of the most common platforms in organizations today. Originally designed for simple content management, it has grown into a workflow, CMS and communication powerhouse that run on intranets and the Internet all over the Internet. While it is powerful, most organizations do not realize the risks it exposes within their organization. Kevin Johnson and James Jardine of Secure Ideas will be walking attendees through the systems available under the SharePoint name, as well as showing ways that penetration testers are able to assess and exploit them. They will also be releasing a series of tools and guidelines to help organizations assess their SharePoint systems.