All Day

WWHF Pre-Conference Training

Multi-location Deadwood

One of the very cool things about Wild West Hackin’ Fest is that we bring the very best in infosec training, workshops, and presentations. Here are the training classes we have scheduled.

Event Series CTI 101

Cyber Threat Intelligence 101 w/ Wade Wells

HARCC - Boardroom 150 Sherman Street, Deadwood

Cyber Threat Intelligence (CTI) is a crucial component in the fight against malicious cyber actors. This entry-level course is designed to provide an overview of CTI, its importance, and how it is used to detect, prevent, and support others against cyber threats. The course covers the basics of CTI, including how to create intelligence, augmenting other teams with intelligence,  threat modeling, and the tools and techniques used to collect and analyze data. You will also learn about the intelligence cycle, which includes the steps involved in CTI collection, analysis, and dissemination.

Event Series Modern WebApp Pentesting

Modern WebApp Pentesting II w/ BB King

HARCC - Meeting Room 2 150 Sherman Street, Deadwood

Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. This course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today, based on the instructor’s many years of ongoing experience in testing real webapps today.

Event Series Introduction to Python

Introduction to Python w/ Joff Thyer

HARCC - Meeting Room 3 150 Sherman Street, Deadwood

This course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.

Event Series Hacking Active Directory

Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs

HARCC - Meeting Room 1 150 Sherman Street, Deadwood

The course simulates real world attack scenarios with a focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities.

We cover topics like  AD enumeration, what tools to use, domain privilege escalation, gaining credentials, Kerberos based attacks (Golden ticket, Silver ticket and more), and Delegation abuse. The training will be conducted in a hands-on manner, with participants performing various exercises and simulations to understand how attackers can compromise Active Directory environments.


Linux Command Line for Analysts & Operators w/ Hal Pomeranz

Cadillac Jack's - Little Chicago 360 Main Street, Deadwood

This 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home, so you can continue the learning even after class is over.

Event Series Offensive Development

Offensive Development w/ Greg Hatcher & John Stigerwalt

Cadillac Jack's - Roosevelt II 360 Main Street, Deadwood

Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code.

Event Series Introduction to Pentesting

Introduction to Pentesting w/ John Strand

John's Barn Deadwood

In this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!

Threat Hunting & Incident Response with Velociraptor w/ Eric Capuano & Whitney Champion (16 Hours)

Cadillac Jack's - Roosevelt I 360 Main Street, Deadwood

Join experts Whitney Champion and Eric Capuano as they teach about Velociraptor! This course will teach you the ins and outs of Velociraptor for common threat hunting and incident response use-cases. This Velociraptor training course will provide you with the knowledge of deploying a server, distributing agents, finding threats, and responding to intrusions.

Event Series Advanced Endpoint Investigations

Advanced Endpoint Investigations w/ Alissa Torres

DMG: Conference Room 1906 Deadwood Mountain Drive, Deadwood

For most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.

Event Series Breaching the Cloud

Breaching the Cloud w/ Beau Bullock

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services.

Event Series Enterprise Attack Initial Access

Enterprise Attack Initial Access w/ Steve Borosh

DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, Deadwood

Enterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents.

Event Series Next Level OSINT

Next Level OSINT w/ Mishaal Khan

Hampton Inn - Gatsby 1 531 Main St, Deadwood

The course progresses from basic to very advanced practical OSINT techniques that you can use in your investigative routine. No special software, operating system, or paid licenses are required. Bookmarks for all tools and websites used will be provided for quick access. 


Penetration Testing for Systems and Network Admins w/ Qasim Ijaz & Jake Nelson

Cadillac Jack's - Charleston I 360 Main Street, Deadwood

Not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.  


Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober

Hampton Inn - Gatsby 2 531 Main St, Deadwood

As a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.