WWHF Hands-on Labs
To help you hone your hacker skillz, and find the Truth that is Out There, we have a Bluetooth Lab, Keystoke Injection Lab, Doorbell Replay Lab, and so much more!
Tag: Deadwood 2023
Open Mic Night at the Elks Club
Join BHIS staff members for WWHF Open Mic night! You can choose to be entertained by the music and grab a drink or play along with the other musicians. We will have rock band set up with drums, guitars, basses, and keyboards available, or if you want to bring that special instrument or guitar pedal that makes that super sweet tone you can’t live without… that works too!
Opening Remarks | Sponsor Stampede
John Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
Training Registration
On-Site Registration for Training. Please show up early if you are attending classes.
Workshop: Point and Shoot to Continuous Auditing in the AWS Cloud – Andrew Krug
In 2023 cloud environments are becoming increasingly complex resulting in wide variety of misconfigurations. In this workshop you’ll learn how to use point and shoot tools from the open ecosystem for cloud security assessments along with a few pro tips on how to segment and sandbox those. We will also dive into continuous auditing and how to setup long term dashboards for organizations to assess their maturity over time. Attendees will leave with a firm understanding of how to leverage the tools, articulate which method is better based on use case, and assume various roles (safely) in the AWS. Don’t miss this session with AntiSiphon instructor Andrew Krug. Attendees should bring a laptop with any modern Linux virtual machine or MacOS.
What the Hack is Going on? An Offensive Look at Modern Breaches – Tim Medin
Join this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.
GraphRunner: A Post-Exploitation Toolset for M365 – Beau Bullock & Steve Borosh
During this presentation, I will provide an in-depth exploration of GraphRunner’s features, showcasing its role in elevating post-exploitation strategies. Designed to empower both red team professionals and defenders, this toolset equips users with a means to navigate the intricate Graph API at the heart of M365 and manipulate it for offensive purposes. GraphRunner offers functionalities that aid in lateral movement, data exfiltration, privilege escalation, and persistence within M365 accounts. By offering practical demonstrations of the toolset’s capabilities, this talk aims to bridge the gap between theoretical attack concepts and their tangible real-world application.
Six Ways to Defend Better RN – David Kennedy
Running two large sized companies that both focus on breaking into companies as well as defending them has helped put things into perspectives on both successes and failures from a defense perspective. This talk will dive into some of the most common methods attackers go after organizations, but focus on non traditional ways of defending the network against them. We’ll be diving into prevention, detection, deception, AI (or lack thereof and marketing fluff), and much more. Let’s cut right down to it, and walk away with six things you can do today to better defend and identify attacks earlier in the attack cycle.
Escape Room
Try to escape a paranormal attack if you can! The police quickly left the crime scene and now it is up to you to solve it. As you come onto the scene, something triggers. You are being watched, and if you stay too long, it may be too late. Can you solve it, or will you become the next victim?
Awards with John Strand
John Strand makes a few closing remarks and award announcements to bid farewell to conference attendees and get the conference closed out.