WWHF at Secure WV (Virtual)


Did you know that the upcoming Secure West Virginia conference will feature amazing Antisyphon training brought to you by Wild West Hackin’ Fest? That’s right, the Secure West Virginia conference, which will be held virtually from November 2 to November 8, will feature the training listed below. Purchasing one of the training sessions below will get you access to the training session and a ticket to the Secure West Virginia conference.

Courses

Breaching the Cloud
November (Secure WV) – $395

Instructor: Beau Bullock

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.

Learn more about this course
Registration closed | Return to top

Active Defense and Cyber Deception
November (Secure WV) – $395

Instructor: John Strand

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

Active Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between.

Learn more about this course
Registration closed | Return to top

Advanced Network Threat Hunting
November (Secure WV) – $395

Instructor: Chris Brenton

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

We will spend most of this class analyzing pcap files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.

Learn more about this course
Registration closed | Return to top

Applied Purple Teaming
November (Secure WV) – $395

Instructors: Kent Ickler and Jordan Drysdale

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

Applied Purple Teaming (APT) will first introduce students to threat optics on Windows systems. This course will provide instruction for configuring and installing Sysmon to gather endpoint logs. Students will also be introduced to Windows Audit Policies and will get to deploy a high visibility audit policy stack. Windows Event Collection and Forwarding will be implemented to demonstrate the free Windows logging stack built in and licensed under the existing agreement you have with Microsoft. The event collector will finally be configured to ship logs to the Hunting ELK (HELK) where students will get to review threat optics using Kibana. The majority of the class will be iterating through the TTPs of a standard pentest to demonstrate effective logging and detections against some attacks that are challenging to detect. The Atomic Purple Team lifecycle will be used to attack, hunt and detect, and defend against all of the attacks! Come join us for another round of APT with updated materials and to have a great time in the Wild West!

Learn more about this course
Registration closed | Return to top

Modern WebApp Pentesting
November (Secure WV) – $395

Instructor: Brian King

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

Modern WebApp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different.

Learn more about this course
Registration closed | Return to top

Attack Emulation: Atomic Red Team, CALDERA and More
November (Secure WV) – $395

Instructors: Darin and Carrie Roberts

Mon, Nov 2, 11:00 AM – 4:00 PM EST
Tue, Nov 3, 12:00 PM – 4:00 PM EST
Wed, Nov 4, 12:00 PM – 4:00 PM EST
Thu, Nov 5, 12:00 PM – 4:00 PM EST

Attack Emulation tools help you measure, monitor and improve your security controls by executing scripted attacks. Atomic Red Team and CALDERA are two open source attack emulation projects that are mapped directly to the Mitre ATT&CK Framework. This class will provide an overview of the Mitre ATT&CK framework and give you in-depth, hands-on knowledge of how to execute scripted attacks that exercise many of the techniques defined in Mitre ATT&CK. You will be provided with hands-on lab instructions for emulating a variety of attacks and creating visualizations using Mitre ATT&CK Navigator. At the end of this class you will have the knowledge and tools to begin executing simulated attacks within your own test environment where you can create and validate detections in a script-able and consistent way.

Whether you are a student of information security or a seasoned red teamer or network defender there is something to learn from getting involved with in the Attack Emulation space and this course will help you do that.

Learn more about this course
Registration closed | Return to top

Why attend Secure West Virginia? Secure West Virginia, one of the larger regional conferences, attracts nationally known infosec leaders to discuss advanced infosec topics. This conference is small enough for direct interaction with speakers but big enough to meet other attendees with similar interests. For more details on Secure West Virginia, please click here.