Seen via carnal0wnage

Paper presented in BlackHat DC 2011 that describes the methods used in real data exfiltrations.

I agree with the comments.  Companies tend to only accept a pentest focused only in some reduced systems  and with small time frames instead of conducting  a full scope exercise.

An attacker that really wants your secrets will use all the resources available to gain access to your network and will not care about time (keeping a foothold for many months).

Paper Slides