Conference Training

Howdy y’all! Below you’ll see a list of all the training classes we are offering as part of Wild West Hackin’ Fest-Deadwood 2020. Keep in mind that the price you see includes a corresponding conference ticket!

Did you know that your training purchase also includes six months of access to the Cyber Range?

Please note that swag bags are no longer available for new registrants.


Courses

Active Defense and Cyber Deception

Instructor: John Strand
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

Active Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between.


Your purchase includes six months of access to the Cyber Range.

Advanced Network Threat Hunting

Instructor: Chris Brenton
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

We will spend most of this class analyzing pcap files for command and control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.


Applied Purple Teaming

Instructors: Kent Ickler and Jordan Drysdale
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

Applied Purple Teaming (APT) will first introduce students to threat optics on Windows systems. This course will provide instruction for configuring and installing Sysmon to gather endpoint logs. Students will also be introduced to Windows Audit Policies and will get to deploy a high visibility audit policy stack. Windows Event Collection and Forwarding will be implemented to demonstrate the free Windows logging stack built in and licensed under the existing agreement you have with Microsoft. The event collector will finally be configured to ship logs to the Hunting ELK (HELK) where students will get to review threat optics using Kibana. The majority of the class will be iterating through the TTPs of a standard pentest to demonstrate effective logging and detections against some attacks that are challenging to detect. The Atomic Purple Team lifecycle will be used to attack, hunt and detect, and defend against all of the attacks! Come join us for another round of APT with updated materials and to have a great time in the Wild West!



Modern WebApp PenTesting

Instructor: Brian King
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

Modern WebApp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. Attacking WebSockets is not more difficult than attacking HTTP traffic; it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different.


Hacking Enterprises

Instructors: Will Hunt and Owen Shearing
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

This is an immersive hands-on course simulating a full-scale multi-faceted penetration test. Over the two days, we will fully compromise a simulated enterprise covering a multitude of TTPs. The training uses modern operating systems and techniques, emphasizing the exploitation of configuration weaknesses rather than throwing traditional exploits. This means logical thinking and creativity will definitely be put to the test.

Students will access a cloud-based LAB configured with multiple networks, some easily accessible, others not so. Course material and exercise content have been designed to reflect real-world challenges. Students will perform numerous hands-on exercises, including using OSINT skills to retrieve useful data, performing host/service enumeration and exploitation, and carrying out phishing attacks against our live in-LAB users to gain access to new networks. Each new network brings new challenges and, in the process, teaches new sets of skills in post-exploitation, network reconnaissance, lateral movement, and data exfiltration.


Initial Access Operations

Instructor: Chris Truncer
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

Most red team classes cover a wide range of topics such as reconnaissance, initial access, post-exploitation, and more. The volume of material covered limits the students’ ability to perform a deep dive on any one individual topic. We’re changing that narrative with a course fully dedicated to “Initial Access Operations”. This class is designed to immerse you in a multitude of techniques that attackers (and red teams) use to gain initial access into the environment they are targeting.


Adversarial Attacks & Detection: Improving your Security Posture with Purple Teams

Instructors: Larry Spohn and Ben Ten
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

This course will focus on attacks used in the wild and how to create specific detections to identify early Indicators of Compromise (IoC). The students will set up an ELK (Elasticsearch, Logstash, Kibana) instance and then run attacks on a lab system. The students will then create rules to detect the attack in ELK. The students will set up their ELK system for a final lab where a simulated attack will occur on their systems, and they will have to detect and defend against the attacks. This course will focus on the MITRE ATT&CK framework as well as several attacks that do not leverage a vulnerability. These attacks include weak credential harvest, lateral credential spray, SPN queries, and more. The students will have a better understanding of early IoCs and how to identify these threats within their environment, regardless of the initial attack vector.


Linux Forensics

Instructor: Hal Pomeranz
Dates: 9/22, 9/23
Time: 9AM to 5PM MT

This two-day course is a quick start into the world of Linux forensics. Learn how to use memory forensics to rapidly triage systems and spot attacker malware and rootkits. Learn where the most critical on-disk artifacts live and how they can help further an investigation. Rapidly process Linux logs and build a clearer picture of what happened on the system.
