Wild West Hackin’ Fest
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, DeadwoodWild West Hackin’ Fest is the most happenin infosec conference on any side of the Mississippi!
Register Now!
Loading view.
Ongoing
Agent Mission: Cryptid Hunt at Wild West Hackin’ Fest!
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, DeadwoodAgents, we have a case for you. Sightings of multiple infosec cryptids have been reported at Wild West Hackin’ Fest 2023. As
Conference Registration
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, DeadwoodThe Registration Desk is your one-stop for checking in for the conference, getting your swag bag, finding out where things are happening, and so much more!
Martial Arts Workout w/ Cameron Cartier
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodJoin BHIS Penetration Tester Cameron Cartier for some martial arts practice to get warmed up and ready for the day!
Welcome/Announcements with John Strand
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodJohn Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
Keynote: We’re All Scared, Too: 10 Years of Lessons from Cybersecurity Mentorship – Lesley Carhart
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodHelping people choose career trajectories and overcome hurdles in employment has been a fascinating window into the fears, insecurities, concerns, problems, and victories of a wide range of people who work (or want to work) in cybersecurity. Many of their challenges are more universal than people are brave enough to admit, and everyone can learn from them to have a happier career.
Empowering the Cybersecurity Workforce: A Practical Guide to Effective Networking and Mentorship – Gerald Auger and James McQuiggan
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodThe ever-evolving landscape of cybersecurity threats demands a constant flow of new ideas, collaboration, and knowledge sharing. Professionals should consider the pivotal role that networking communities and mentorship play in fostering a resilient cybersecurity ecosystem.
DevSecOps Worst Practices – Tanya Janca
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodQuite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense on first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.
Workshop: Physical Pentesting Tools and Tricks with Dave Fletcher and Rick Wisser
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodLearn a few tricks of the trade right next to a real lock picking lab with eight doors. Rick Wisser and David Flethcer will take you through a few common Physical Security misconfigurations and how to abuse them. They will also discuss Rules of Engagement and how to "Blend in While Breaking In". Following the presentation, members of WWHF will be there to assist you performing door hacks, LIVE!
Workshop: Point and Shoot to Continuous Auditing in the AWS Cloud – Andrew Krug
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, DeadwoodIn 2023 cloud environments are becoming increasingly complex resulting in wide variety of misconfigurations. In this workshop you'll learn how to use point and shoot tools from the open ecosystem for cloud security assessments along with a few pro tips on how to segment and sandbox those. We will also dive into continuous auditing and how to setup long term dashboards for organizations to assess their maturity over time. Attendees will leave with a firm understanding of how to leverage the tools, articulate which method is better based on use case, and assume various roles (safely) in the AWS. Don't miss this session with AntiSiphon instructor Andrew Krug. Attendees should bring a laptop with any modern Linux virtual machine or MacOS.
MetaCTF Capture the Flag
DMG: Stage 1906 Deadwood Mountain Drive, DeadwoodTest your infosec knowledge and hacking skillz in our in-conference capture the flag event!
Vendor Booth Hours
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodIn addition to all the workshops and talks, demos, and other events, we also have vendors who have come here to tell you all about their toys, software, and services! Take some time to say hello. We only invite cool people to our conference.
Trace Labs Capture the Flag
DMG: Stage 1906 Deadwood Mountain Drive, DeadwoodJoin the Trace Labs team while they host a 4 hour search party CTF during WWHF! Find key pieces of intelligence to help solve active missing persons cases. This CTF helps Law Enforcement and the Trace Labs team find active missing persons and sketch out a person's online footprint.
Escape Room
DMG: Hotel Lobby - Kids Room DeadwoodTry to escape a paranormal attack if you can! The police quickly left the crime scene and now it is up to you to solve it. As you come onto the scene, something triggers. You are being watched, and if you stay too long, it may be too late. Can you solve it, or will you become the next victim?
WWHF Hands-on Labs
DMG: Stage 1906 Deadwood Mountain Drive, DeadwoodTo help you hone your hacker skillz, and find the Truth that is Out There, we have a Bluetooth Lab, Keystoke Injection Lab, Doorbell Replay Lab, and so much more!
Lock Picking Demo with Ed Miro
DMG: Stage 1906 Deadwood Mountain Drive, DeadwoodEd Miro will be facilitating an open lockpicking area including practice locks and picks that will be available for you to play with.
AD and DNS: A Match Made in Heck – Jim Sykora and Jake Hildreth
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodSince the mid-80s, the Domain Name System (DNS) has been instrumental in improving the useability of computer networks and the Internet. In 2000, Microsoft released Active Directory (AD) which combined DNS with a Lightweight Directory Access Protocol (LDAP) database and Kerberos authentication to create a unified directory service platform. Since AD’s release, the fates of AD and DNS have been linked. In fact, you might say they are married. In this talk, we will discuss existing DNS attacks that can be used to compromise AD and the ways to mitigate AD-specific DNS vulnerabilities.
What the Hack is Going on? An Offensive Look at Modern Breaches – Tim Medin
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodJoin this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.
GraphRunner: A Post-Exploitation Toolset for M365 – Beau Bullock & Steve Borosh
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodDuring this presentation, I will provide an in-depth exploration of GraphRunner's features, showcasing its role in elevating post-exploitation strategies. Designed to empower both red team professionals and defenders, this toolset equips users with a means to navigate the intricate Graph API at the heart of M365 and manipulate it for offensive purposes. GraphRunner offers functionalities that aid in lateral movement, data exfiltration, privilege escalation, and persistence within M365 accounts. By offering practical demonstrations of the toolset's capabilities, this talk aims to bridge the gap between theoretical attack concepts and their tangible real-world application.
Lunch
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodAt WWHF, we want to make sure you don't faint from lack of vittles while you are busy hacking and learning and having other kinds of fun. Come on down to the Deadwood Mountain Grand and break bread with us!
Workshop: Open-Source Intelligence (OSINT) – Joe Gray
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, DeadwoodDevelopers, penetration testers, managers, system administrators would all benefit from learning how to better detect and consolidate vulnerability and remediation efforts.
Hacking Azure AD Identities – Nestori Syynimaa
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodIn the cloud era, identity has become a new security perimeter. Over 90 per cent of Fortune 500 organizations use Microsoft’s cloud-based identity and access management system, Azure AD.
DevSecOps for Red Team Initial Access Operations – Joff Thyer
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodThis presentation describes some of the challenges of malware development for Red Team initial access operations, and how continuous integration/continuous development (CICD) pipelines can be employed to assist in solving the challenges. The presentation will start by introducing some of the known techniques employed by modern endpoint defense software, and then describe how a CICD approach can be used to enable unique malware artifact production for bypass and initial access operational success. It is hoped that this presentation will stimulate ideas and discussion surrounding both source code obfuscation and related dynamically triggered child pipeline utilization.
Tool Shed Demo: CTF 101 – How to Play and Win
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodPython-written tool providing a one-liner command for accelerating the collection, processing, analysis and outputting of digital forensic artifacts.
Tool Shed Demo: WCE (Windows Commander and Exfiltrer) – Momen Eldawakhly
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodThis Python tool enables network node command and exfiltration while applying OPSEC to ensure the process is hidden by transmitting commands through window flags.
Hacking the Incident Response Team – Gerard Johansen
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodIncident Response teams need to be more capable in responding to attacks than ever before. Threat actors are continually updating their TTPs and their ability to rapidly traverse target networks. A significant challenge IR teams face is the lack of opportunities to leverage their tools and processes on a routine basis. Annual technical training or the organization-wide Tabletop Exercise (TTX) is insufficient in preparing IR teams to address the challenges. What is needed is actual practice against a live threat actor.
The Terminator Effect: AI’s Role in Fighting Cyber Threats – James McQuiggan
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodTo effectively mitigate the risks associated with AI-based cybersecurity systems, it is crucial to implement a range of risk mitigation strategies, such as developing robust training datasets, multi-layered security architectures, industry-standard practices into accountability and transparency, and continuously monitoring and updating AI models. Additionally, organizations must prioritize the development of human-AI collaboration frameworks that enable seamless integration between human and AI-based cybersecurity systems.
Workshop: MITRE ATT&CK and the ATT&CK Navigator – Carrie Roberts
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, DeadwoodAll should come to gain hands-on experience with MITRE ATT&CK and the ATT&CK Navigator.
Tool Shed Demo: Elrond – Ben Smith
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodPython-written tool providing a one-liner command for accelerating the collection, processing, analysis and outputting of digital forensic artifacts.
Tool Shed Demo: Ek47 – Kevin Clark
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodBadrats is an open-source Command and Control (C2) tool designed for initial access. Supporting 5 unique implants written in different languages, it allows operators to switch up their tradecraft on the fly depending on the defensive controls in place inside a client environment.
The Truth is Out There: Solving the Mysteries of Lateral Movement Paths by Feeding Logs to the Hound – Olaf Hartong
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodIntroducing FalconHound, a toolkit that integrates with Microsoft Sentinel, Defender for Endpoint, the Azure Graph API, Neo4j and the BloodHound API to get the most out of your data. Some of its features allow it to track sessions, changes to the environment, alerts, and incidents on your entities and much, much more. All in near-real time!
JS-Tap: Weaponizing JavaScript for Red Teams – Drew Kirkpatrick
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodRed teams have a different set of challenges and opportunities that are often not conducive to developing tailored JavaScript payloads. Custom applications often have unknown functionality and require a generic payload. Red teams also have opportunities to introduce malicious JavaScript beyond XSS vulnerabilities.
A new open source tool (JS-Tap) will be introduced that is designed to allow red teamers to attack applications using generic JavaScript used as either a post exploitation implant or an XSS payload.
Tool Shed Demo: OneDriveExplorer – Brian Maloney
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodThis presentation aims to walk through important One Drive artifacts, how to use OneDriveExplorer, and what value can be added from using OneDriveExplorer compared to conventionally used tools.
Tool Shed Demo: Token Tactics: A Tactical Usage Demo – Steve Borosh
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodIn this demo, BHIS's Steve Borosh will walk you through how an offensive operator may utilize this attack flow beginning with the initial phish, to accessing sensitive files on “restricted” SharePoint sites, and some detections and remediations along the way.
Exfiltrate and Command Network Nodes Like a Ghost! – Momen Eldawakhly
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodOur role as “red teamers” is to try developing techniques that simulate these activities and to improve organisational security by training defensive security teams to check for every single bit (not literally) of data and also anticipate the locations from which attackers may conduct their operations. The technique discussed in this research only shows the basic mindset that can be developed further with each engagement.
The Rise of Large Language Models: Implications for Disinformation and the Future of Work – Heather Lawrence
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodThis presentation will provide an overview of LLMs, including their strengths and limitations, and discuss how they are being used in disinformation campaigns. Additionally, the presentation will examine the potential impact of LLMs on the future of work, particularly in the field of computer security, and highlight the need for new strategies to deal with the increasing sophistication of LLM-generated attacks. The talk will conclude by discussing the ethical and social implications of LLMs, particularly in relation to job displacement and data privacy.
Workshop: Incident Response for Humans – Nathan Case
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, DeadwoodToday's DevOps world has several new responsibilities added to the everyday engineer's existence. For example, a developer often has to assist in incident response and threat hunts. Unfortunately, these skills are hard to learn and can come at a cost if they are done on the job while an event is ongoing.
Tool Shed Demo: Aleph – Corey Ham
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodJoin BHIS's Corey Ham as he teaches about Aleph! Aleph is a tool that can be utilized for ingesting and analyzing unstructured data from ransomware, leaks, or even internal file shares. Corey will demonstrate how to ingest and extract useful data and information using Aleph.
Tool Shed Demo: pre-2k – Garrett Foster
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, DeadwoodJoin Garret Foster as he teaches about pre-2k! Pre-2k is an Active Directory auditing tool that identifies the existence of computer accounts configured with pre-Windows 2000 compatibility (default password) or without a password entirely.
That Shouldn’t Have Worked – An Intro to Evading AV/EDR – Corey Overstreet
DMG: Track 1 1906 Deadwood Mountain Drive, DeadwoodEndpoint protections are getting better every day. Attackers are having to change their tactics more and more to achieve execution which, in turn, makes it harder for red teams to emulate their attacks. In this talk, Corey Overstreet will be covering initial common methods used to get payloads around AV/EDR and application allow-listing.
Demystifying Design: Making Infosec Look Good – Caitlin Cash
DMG: Track 2 1906 Deadwood Mountain Drive, DeadwoodFonts are like pants for words. How you dress, how you speak, your non-verbal communication, is all part of what you convey to other people when interacting face to face. In graphics, design is that non-verbal portion of written communication. Here in the information security world, design can help facilitate that knowledge transfer, making content easier to understand, tools more identifiable, and interfaces more accessible.
Steak Dinner!
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodWild West Hackin’ Fest is the only conference around where you get a genuine, cowboy-style steak dinner with all the trimmings!
Calf Roping and Mechanical Bull
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodWWHF is the only hacking event where you can not only ride a mechanical bull, but you can even learn how to rope and tie a calf!
Wild West Photos
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodAt WWHF, we like to have fun! And in keeping with the wild west theme, we have a photographer on site to take old time style photos! Bring your own wild west costumes, or borrow some for the shoot from the goodies we will have there for you to use!
A Knight of Chess Tournament
DMG: Stage 1906 Deadwood Mountain Drive, DeadwoodCome join the us for a rousing game of chess at the 1st WWHF Chess tournament!
Whose Slide is it? with Danny “Rand0h” Akacki
DMG: General Session Area 1906 Deadwood Mountain Drive, DeadwoodEver had a dream where you were in front of hundreds of people waiting for you to give a presentation only to realize you’ve never seen the slides, don’t know the subject, and everyone there expects you to be the expert? Yes? Well buckle up because that dream becomes an entertaining dumpster fire of infosec proportions when you join us at Wild West Hackin’ Fest for Slide Show Roulette!