Training Registration
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for Training. Please show up early if you are attending classes.
Loading view.
Deadwood 2023
Dinner for All Training Attendees
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOne of the many perks of attending the pre-conference training is that we feed you! Training attendees are invited to join WWHF
Training Registration
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for Training. Please show up early if you are attending classes.
WWHF Pre-Conference Training
Multi-location DeadwoodOne of the very cool things about Wild West Hackin’ Fest is that we bring the very best in infosec training, workshops, and presentations. Here are the training classes we have scheduled.
Modern WebApp Pentesting II w/ BB King
TBDModern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. This course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today, based on the instructor’s many years of ongoing experience in testing real webapps today.
$1095
Introduction to Python w/ Joff Thyer
TBDThis course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
$1095
Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs
TBDThe course simulates real world attack scenarios with a focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities.
We cover topics like AD enumeration, what tools to use, domain privilege escalation, gaining credentials, Kerberos based attacks (Golden ticket, Silver ticket and more), and Delegation abuse. The training will be conducted in a hands-on manner, with participants performing various exercises and simulations to understand how attackers can compromise Active Directory environments.
$1095
Linux Command Line for Analysts & Operators w/ Hal Pomeranz
TBDThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home, so you can continue the learning even after class is over.
$1095
Offensive Development w/ Greg Hatcher & John Stigerwalt
Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code.
Introduction to Pentesting w/ John Strand
In this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!
Threat Hunting & Incident Response with Velociraptor w/ Eric Capuano & Whitney Champion (16 Hours)
Clicking this button will take you to Cvent to complete your registration. Course Description In this course, we will explore every aspect
Advanced Endpoint Investigations w/ Alissa Torres
TBDFor most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.
$1095
Breaching the Cloud w/ Beau Bullock
Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services.
$1095
Enterprise Attack Initial Access w/ Steve Borosh
Enterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents.
$1095
Next Level OSINT w/ Mishaal Khan
The course progresses from basic to very advanced practical OSINT techniques that you can use in your investigative routine. No special software, operating system, or paid licenses are required. Bookmarks for all tools and websites used will be provided for quick access.
$1095
Penetration Testing for Systems and Network Admins w/ Qasim Ijaz & Jake Nelson
Not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.
$1095
Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober
As a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
$1095
Training Registration
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for Training. Please show up early if you are attending classes.
Wild West Hackin’ Fest
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesWild West Hackin’ Fest is the most happenin infosec conference on any side of the Mississippi!
Register Now!
Modern WebApp Pentesting II w/ BB King
TBDModern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. This course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today, based on the instructor’s many years of ongoing experience in testing real webapps today.
$1095
Introduction to Python w/ Joff Thyer
TBDThis course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
$1095
Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs
TBDThe course simulates real world attack scenarios with a focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities.
We cover topics like AD enumeration, what tools to use, domain privilege escalation, gaining credentials, Kerberos based attacks (Golden ticket, Silver ticket and more), and Delegation abuse. The training will be conducted in a hands-on manner, with participants performing various exercises and simulations to understand how attackers can compromise Active Directory environments.
$1095
Linux Command Line for Analysts & Operators w/ Hal Pomeranz
TBDThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home, so you can continue the learning even after class is over.
$1095
Intro to Offensive Tooling w/ Chris Traynor
TBDThis hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks.
In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks.
$725
Offensive Development w/ Greg Hatcher & John Stigerwalt
Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code.
Introduction to Pentesting w/ John Strand
In this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!
Threat Hunting & Incident Response with Velociraptor w/ Eric Capuano & Whitney Champion (16 Hours)
Clicking this button will take you to Cvent to complete your registration. Course Description In this course, we will explore every aspect
Advanced Endpoint Investigations w/ Alissa Torres
TBDFor most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.
$1095
Breaching the Cloud w/ Beau Bullock
Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services.
$1095
Enterprise Attack Initial Access w/ Steve Borosh
Enterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents.
$1095
Next Level OSINT w/ Mishaal Khan
The course progresses from basic to very advanced practical OSINT techniques that you can use in your investigative routine. No special software, operating system, or paid licenses are required. Bookmarks for all tools and websites used will be provided for quick access.
$1095
Penetration Testing for Systems and Network Admins w/ Qasim Ijaz & Jake Nelson
Not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.
$1095
Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober
As a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
$1095
Conference Registration
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for the in-person conference. The Registration Desk is your one-stop for checking in for the conference, getting your swag bag,
Talkin’ Bout (Infosec) News – Live
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesYou’ve seen the weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories. Now see us do it
Opening Remarks | Sponsor Stampede
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJohn Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
Conference Registration
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for the in-person conference. The Registration Desk is your one-stop for checking in for the conference, getting your swag bag,
Martial Arts Workout w/ Cameron Cartier
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJoin BHIS Penetration Tester Cameron Cartier for some martial arts practice to get warmed up and ready for the day!
Welcome/Announcements with John Strand
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJohn Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
Keynote: We’re All Scared, Too: 10 Years of Lessons from Cybersecurity Mentorship – Lesley Carhart
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesHelping people choose career trajectories and overcome hurdles in employment has been a fascinating window into the fears, insecurities, concerns, problems, and victories of a wide range of people who work (or want to work) in cybersecurity. Many of their challenges are more universal than people are brave enough to admit, and everyone can learn from them to have a happier career.
Empowering the Cybersecurity Workforce: A Practical Guide to Effective Networking and Mentorship – Gerald Auger and James McQuiggan
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThe ever-evolving landscape of cybersecurity threats demands a constant flow of new ideas, collaboration, and knowledge sharing. Professionals should consider the pivotal role that networking communities and mentorship play in fostering a resilient cybersecurity ecosystem.
DevSecOps Worst Practices – Tanya Janca
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesQuite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense on first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.
Workshop: Physical Pentesting Tools and Tricks with Dave Fletcher and Rick Wisser
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesLearn a few tricks of the trade right next to a real lock picking lab with eight doors. Rick Wisser and David Flethcer will take you through a few common Physical Security misconfigurations and how to abuse them. They will also discuss Rules of Engagement and how to "Blend in While Breaking In". Following the presentation, members of WWHF will be there to assist you performing door hacks, LIVE!
Workshop: Point and Shoot to Continuous Auditing in the AWS Cloud – Andrew Krug
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIn 2023 cloud environments are becoming increasingly complex resulting in wide variety of misconfigurations. In this workshop you'll learn how to use point and shoot tools from the open ecosystem for cloud security assessments along with a few pro tips on how to segment and sandbox those. We will also dive into continuous auditing and how to setup long term dashboards for organizations to assess their maturity over time. Attendees will leave with a firm understanding of how to leverage the tools, articulate which method is better based on use case, and assume various roles (safely) in the AWS. Don't miss this session with AntiSiphon instructor Andrew Krug. Attendees should bring a laptop with any modern Linux virtual machine or MacOS.
MetaCTF Capture the Flag
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesTest your infosec knowledge and hacking skillz in our in-conference capture the flag event!
Vendor Booth Hours
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
Trace Labs Capture the Flag
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThe Trace Labs leadership team will be onsite hosting a 4 hour Search Party CTF during WWHF. The “CTF” will feature active
Escape Room
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
WWHF Hands-on Labs
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
Lock Picking Demo with Ed Miro
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesTest your infosec knowledge and hacking skillz in our in-conference capture the flag event!
AD and DNS: A Match Made in Heck – Jim Sykora and Jake Hildreth
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesSince the mid-80s, the Domain Name System (DNS) has been instrumental in improving the useability of computer networks and the Internet. In 2000, Microsoft released Active Directory (AD) which combined DNS with a Lightweight Directory Access Protocol (LDAP) database and Kerberos authentication to create a unified directory service platform. Since AD’s release, the fates of AD and DNS have been linked. In fact, you might say they are married. In this talk, we will discuss existing DNS attacks that can be used to compromise AD and the ways to mitigate AD-specific DNS vulnerabilities.
What the Hack is Going on? An Offensive Look at Modern Breaches – Tim Medin
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJoin this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.
GraphRunner: A Post-Exploitation Toolset for M365 – Beau Bullock & Steve Borosh
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDuring this presentation, I will provide an in-depth exploration of GraphRunner's features, showcasing its role in elevating post-exploitation strategies. Designed to empower both red team professionals and defenders, this toolset equips users with a means to navigate the intricate Graph API at the heart of M365 and manipulate it for offensive purposes. GraphRunner offers functionalities that aid in lateral movement, data exfiltration, privilege escalation, and persistence within M365 accounts. By offering practical demonstrations of the toolset's capabilities, this talk aims to bridge the gap between theoretical attack concepts and their tangible real-world application.
Lunch
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
Workshop: Open-Source Intelligence (OSINT)
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDevelopers, penetration testers, managers, system administrators would all benefit from learning how to better detect and consolidate vulnerability and remediation efforts.
Hacking Azure AD Identities – Nestori Syynimaa
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIn the cloud era, identity has become a new security perimeter. Over 90 per cent of Fortune 500 organizations use Microsoft’s cloud-based identity and access management system, Azure AD.
DevSecOps for Red Team Initial Access Operations – Joff Thyer
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThis presentation describes some of the challenges of malware development for Red Team initial access operations, and how continuous integration/continuous development (CICD) pipelines can be employed to assist in solving the challenges. The presentation will start by introducing some of the known techniques employed by modern endpoint defense software, and then describe how a CICD approach can be used to enable unique malware artifact production for bypass and initial access operational success. It is hoped that this presentation will stimulate ideas and discussion surrounding both source code obfuscation and related dynamically triggered child pipeline utilization.
Hacking the Incident Response Team – Gerard Johansen
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIncident Response teams need to be more capable in responding to attacks than ever before. Threat actors are continually updating their TTPs and their ability to rapidly traverse target networks. A significant challenge IR teams face is the lack of opportunities to leverage their tools and processes on a routine basis. Annual technical training or the organization-wide Tabletop Exercise (TTX) is insufficient in preparing IR teams to address the challenges. What is needed is actual practice against a live threat actor.
The Terminator Effect: AI’s Role in Fighting Cyber Threats – James McQuiggan
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesTo effectively mitigate the risks associated with AI-based cybersecurity systems, it is crucial to implement a range of risk mitigation strategies, such as developing robust training datasets, multi-layered security architectures, industry-standard practices into accountability and transparency, and continuously monitoring and updating AI models. Additionally, organizations must prioritize the development of human-AI collaboration frameworks that enable seamless integration between human and AI-based cybersecurity systems.
Workshop: MITRE ATT&CK and the ATT&CK Navigator – Carrie Roberts
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesAll should come to gain hands-on experience with MITRE ATT&CK and the ATT&CK Navigator.
The Truth is Out There: Solving the Mysteries of Lateral Movement Paths by Feeding Logs to the Hound – Olaf Hartong
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIntroducing FalconHound, a toolkit that integrates with Microsoft Sentinel, Defender for Endpoint, the Azure Graph API, Neo4j and the BloodHound API to get the most out of your data. Some of its features allow it to track sessions, changes to the environment, alerts, and incidents on your entities and much, much more. All in near-real time!
JS-Tap: Weaponizing JavaScript for Red Teams – Drew Kirkpatrick
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesRed teams have a different set of challenges and opportunities that are often not conducive to developing tailored JavaScript payloads. Custom applications often have unknown functionality and require a generic payload. Red teams also have opportunities to introduce malicious JavaScript beyond XSS vulnerabilities.
A new open source tool (JS-Tap) will be introduced that is designed to allow red teamers to attack applications using generic JavaScript used as either a post exploitation implant or an XSS payload.
Exfiltrate and Command Network Nodes Like a Ghost! – Momen Eldawakhly
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOur role as “red teamers” is to try developing techniques that simulate these activities and to improve organisational security by training defensive security teams to check for every single bit (not literally) of data and also anticipate the locations from which attackers may conduct their operations. The technique discussed in this research only shows the basic mindset that can be developed further with each engagement.
The Rise of Large Language Models: Implications for Disinformation and the Future of Work – Heather Lawrence
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThis presentation will provide an overview of LLMs, including their strengths and limitations, and discuss how they are being used in disinformation campaigns. Additionally, the presentation will examine the potential impact of LLMs on the future of work, particularly in the field of computer security, and highlight the need for new strategies to deal with the increasing sophistication of LLM-generated attacks. The talk will conclude by discussing the ethical and social implications of LLMs, particularly in relation to job displacement and data privacy.
Workshop: Incident Response for Humans – Nathan Case
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesToday's DevOps world has several new responsibilities added to the everyday engineer's existence. For example, a developer often has to assist in incident response and threat hunts. Unfortunately, these skills are hard to learn and can come at a cost if they are done on the job while an event is ongoing.
That Shouldn’t Have Worked – An Intro to Evading AV/EDR – Corey Overstreet
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesEndpoint protections are getting better every day. Attackers are having to change their tactics more and more to achieve execution which, in turn, makes it harder for red teams to emulate their attacks. In this talk, Corey Overstreet will be covering initial common methods used to get payloads around AV/EDR and application allow-listing.
Demystifying Design: Making Infosec Look Good – Caitlin Cash
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesFonts are like pants for words. How you dress, how you speak, your non-verbal communication, is all part of what you convey to other people when interacting face to face. In graphics, design is that non-verbal portion of written communication. Here in the information security world, design can help facilitate that knowledge transfer, making content easier to understand, tools more identifiable, and interfaces more accessible.
Steak Dinner!
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesWild West Hackin’ Fest is the only conference around where you get a genuine, cowboy-style steak dinner with all the trimmings!
Calf Roping and Mechanical Bull
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesWWHF is the only hacking event where you can not only ride a mechanical bull, but you can even learn how to rope and tie a calf!
Wild West Photos
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesAt WWHF, we like to have fun! And in keeping with the wild west theme, we have a photographer on site to take old time style photos! Bring your own wild west costumes, or borrow some for the shoot from the goodies we will have there for you to use!
A Knight of Chess Tournament
DMG: Stage Deadwood, SD, United StatesAll work and no play make for a dull life. What kind of play is better for the brain than chess? Come
Whose Slide is it? with Danny “Rand0h” Akacki
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
Run with BHIS
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesFor all you athletes and people who enjoy running through beautiful places, this event is for you! Meet at the entrance of
Martial Arts Workout w/ Cameron Cartier
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJoin BHIS Penetration Tester Cameron Cartier for some martial arts practice to get warmed up and ready for the day!
Conference Registration
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesOn-Site Registration for the in-person conference. The Registration Desk is your one-stop for checking in for the conference, getting your swag bag,
Campfire Talk: 5 Ways to be Successful in a Fortune 5 SOC – Ben Renz and Vidur Ravella
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesA quick talk covering the experiences of 2 former SOC analysts who started as associates going to senior and managers in the SOC. This talk with be addressing the 5 ways, we found out and trained others, to use to be successful when working in a SOC.
Announcements with John Strand
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesJohn Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
Six Things DevOps Wants from InfoSec – Naomi Buckwalter
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesWhy does it seem that DevOps and Security are always at odds with each other? Why does Security have such a bad reputation among developers? In this talk, "Six Things DevOps Wants from InfoSec", you'll learn that developers actually WANT to work with Security - they care about writing secure code! But we as security professionals need to understand that developers don't want another "Big Brother" telling them what to do - they need an active and supportive partner in the delivery process. This talk will showcase six things that every DevOps teams want from their InfoSec teams. Everyone is on the same team, after all. Let's help DevOps accomplish their goal to release the best - and most secure - code possible.
The Truth is Out There: Unveiling Secrets with Open Source Intelligence – Joe Gray
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIn an era where information is becoming the world's most valuable commodity, understanding how to access, analyze, and apply this resource effectively is critical. This talk, "The Truth is Out There: Unveiling Secrets with Open Source Intelligence," will demystify the world of OSINT and explore its role in today's digitally driven society.Much like the iconic television series "The X-Files," the sphere of Open Source Intelligence is filled with intrigue, suspense, and a relentless pursuit of truth. This talk will guide participants through the shadowy digital world, revealing how OSINT techniques enable us to expose hidden information, connect the dots, and discern the truth behind the often bewildering data cloud.
Workshop: Practical Soldering – Rick Wisser
DMG: Track 4 - Back Stage 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesAre you interested in learning how to solder? Well you are in luck! This year Rick Wisser from BHIS has put together a soldering workshop where you can get some hands on experience soldering on a working project. Rick has several years of experience related to all types of soldering related to contract manufacturing of printed circuit boards. The goal of the workshop is to get you familiar with soldering and how to avoid common mistakes in solder techniques. Rick will share proper techniques, tips, and pointers that simplifies the manual soldering process.
MetaCTF Capture the Flag
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesTest your infosec knowledge and hacking skillz in our in-conference capture the flag event!
Vendor Booth Hours
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
Trace Labs Capture the Flag
DMG: Track 0 - General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThe Trace Labs leadership team will be onsite hosting a 4 hour Search Party CTF during WWHF. The “CTF” will feature active
Escape Room
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesDetails coming soon!
WWHF Hands-on Labs
DMG: Stage Deadwood, SD, United StatesDetails coming soon!
Lock Picking Demo with Ed Miro
DMG: Stage Deadwood, SD, United StatesTest your infosec knowledge and hacking skillz in our in-conference capture the flag event!
Campfire Talk: I’m OK, You’re OK, We’re OK: Living with AD(H)D in Infosec – Klaus Agnoletti
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesPresented by: Klaus Agnoletti Details coming soon! Klaus Agnoletti has been an all-round infosec professional since 2004. As a long-time active member
Campfire Talk: How to Create Your Own AI Platform – Peter Halberg
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesArtificial Intelligence (AI) is taking the world by storm. There seem to be so many new platforms popping up daily. AI platforms for red and blue teams already exist, but are they custom tailored to your organization’s environment? If not, then maybe it’s time to create your own.
Rethinking Penetration Testing – Mike Saunders
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThe current model for traditional penetration testing is broken. The typical scan and exploit model doesn’t reflect how real attackers operate after establishing a foothold. Many organizations aren’t mature enough to need or benefit from a proper red team assessment. Organizations are often unsure how to approach a Purple Team
The Secrets of USAF Debriefing Methodology Will Make You a Better Hacker – Joshua Mason
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesBy utilizing the tactics, techniques, and practices developed by Air Force aviators, the security community can better utilize lessons learned through failure and success and improve from engagement to engagement or incident to incident.
Campfire Talk: Zero to Hero: Hacking Your Way to Your First Pentest Gig – Christian Villapando
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThis presentation aims to inform folks how to get into penetration testing. The primary target audience is those breaking into the field of cybersecurity or in the area already but would want to shift to pentesting.
Campfire Talk: Burp, Not Just For Browsers – Samantha Peters
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesMy presentation would show how to proxy traffic through Burp Suite from an iPhone using a Mac OS, from Python, and from Postman. Capturing this traffic can allow for quick analysis that otherwise wouldn't be possible, and enable the use of repeater and intruder for potential exploitation.
Campfire Talk: Modern Web Authentication: Passwords are so 1960’s – Greg Bailey
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIn this talk, we will walk through the various modern authentication protocols, specifically OAuth and its cousin, OpenID Connect, including the various code flows (code flow being the most important), how they work, their history of vulnerabilities, and how we can protect them.
Penetration Testing: Communication is the Real Hack – Brandon Scholet
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesPenetration testing success relies on effective communication with clients. This talk will address common frustrations and provide strategies for having smooth engagements, as well as insights for clients looking to understand how to get pentests to meet their goals. This will go over strategies to obtain necessary information such as client goals, pre-engagement, managing scope, and minimizing frustrating surprises. This talk will also talk about communicating findings in a way that helps clients understand and appreciate the security risks.
Destroying the Fog of War: Demonstrating Realistic End-to-End Attacks and Detective Controls – Jeff McJunkin
DMG: Track 1 - Main Stage, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThis talk reveals the five ways outside attackers gain internal access and outlines defenders' three core objectives: reducing initial access, lowering detection and response time, and slowing down attackers. Through live demonstrations, real-world examples, and even a unique Mario Kart analogy, this talk provides actionable insights into detective controls and slowing down attackers.
Campfire Talk: Why John Wayne Works: Social Engineering in the Wild Wild West – Todd Wedel
Deadwood Mountain Grand (DMG) 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesIn social engineering engagements, especially physical, the culture of honor values play a significant role if the participants are in or have a background in a culture of honor. This talk will focus primarily on assertiveness and escalation avoidance.
Campfire Talk: So My Credentials have been Leaked…Now What? – Dwayne McDaniel
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesThis session will look at how to deal with credential leaks from detection through closing the final related ticket the incident generated. We will look at topics such as validation of secrets, scoping impact, assembling the right players, to how to offload tribal knowledge with tools like notebooks and playbooks. We will also look at preventing future leaks with some open source tools and non-intrusive workflow adjustments.
Workshop: Automating Attacks – Alex Martirosyan
DMG: Track 3 - Hotel Lobby Meeting Room 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesWith the latest advancements of attack and breach simulation tools, many organizations are still playing catchup to know where to begin. Endpoint detection and response (EDR) tools have become heavily relied upon with default configurations. As an industry, we have pushed a lot of the responsibility of managed service providers without fully understanding what we are signing up for. This workshop will help beginners understand what the latest buzzwords mean such as Atomic Testing, Micro Emulation Plans, and Purple Teaming.
Making Magnets for Needles in Noisy Haystacks: Operationalizing ATT&CK with Risk Based Alerting – Haylee Mills
DMG: Track 2 - Stage 2, General Session Area 1906 Deadwood Mountain Drive, Deadwood, SD, United StatesMITRE ATT&CK helps us identify threats, prioritize data sources, and improve security posture, but how do we actualize those insights for better detection and alerting? We shift to alerts on aggregated behaviors over direct alerts, and make our noisy datasets into valuable treasure troves tagged with ATT&CK metadata. Let's discuss the key features needed to implement this in any security toolset!