Explore intelligence-led penetration testing in this 26-minute Security BSides London conference talk by Cam Buchanan. Learn how to evolve penetration testing methods to combat sophisticated cyber-attacks by incorporating threat intelligence and OSINT. Discover BAE Systems' approach to collecting, repurposing, and mimicking real attack toolkits attributed to threat actors. Gain insights into turning threat intelligence reports into actionable tests, emulating distinct attack groups and tools. Understand the process of applying this knowledge to STAR and intelligence-led penetration testing assignments. Topics covered include threat intelligence, DLLs, watering hole attacks, DLL sideloading, JPEG steganography, and potential drawbacks of these methods.