Tool Shed Demo: CTF 101 – How to Play and Win

Python-written tool providing a one-liner command for accelerating the collection, processing, analysis and outputting of digital forensic artifacts.
Join us while we discuss notable Infosec and Infosec-adjacent news from the main stage at Wild West Hackin’ Fest!
This Python tool enables network node command and exfiltration while applying OPSEC to ensure the process is hidden by transmitting commands through window flags.
This session will look at how to deal with credential leaks from detection through closing the final related ticket the incident generated. We will look at topics such as validation of secrets, scoping impact, assembling the right players, to how to offload tribal knowledge with tools like notebooks and playbooks. We will also look at preventing future leaks with some open source tools and non-intrusive workflow adjustments.
This presentation aims to inform folks how to get into penetration testing. The primary target audience is those breaking into the field of cybersecurity, or those already in the field who want to shift to pentesting.
Our role as “red teamers” is to try developing techniques that simulate these activities and to improve organisational security by training defensive security teams to check for every single bit (not literally) of data and also anticipate the locations from which attackers may conduct their operations. The technique discussed in this research only shows the basic mindset that can be developed further with each engagement.
Quite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense at first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.
This hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks.
In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling and how to use these tools responsibly to protect sensitive information and prevent cyber attacks.
This 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home, so you can continue the learning even after class is over.