Workshops
Date: Sat, April 13, 2024
On-Site (In Person)
General Admission
Training Workshops
These training courses will be included in the general admission conference tickets. The workshops will take place on April 13 from 8am - 6pm. The technical training topics will focus on cybersecurity, AI, cloud, offensive, defensive, incident response, insider threats, space and aero defense.
Training updates will be released on social media leading up to the event.
Trainer Index
Tom Porter & Colbert Zhu
Tim Fowler
Ryan O’Donnell
Ronald Broberg & Dark Wolf Solutions
Steve ‘rvrsh3ll’ Borosh & Kaitlyn Wimberley
Phillip Wylie
Arun Nair, Aravind Prakash & Soumyadeep Basu
Patrick ‘InfosecPat' Gorman
Carlos Polop
Wade Wells
Jonathan Singer
Robert ‘LTNBob’ Theisen
Dylan Tran
Josh Mason
Attacking DevOps Pipelines
Tom Porter & Colbert Zhu
Training Description:
DevOps is one of the most target-rich environments in modern enterprise networks. Large organizations rely on DevOps platforms to automate the build and deployment of infrastructure and software applications in a reliable manner. To effectively perform their tasks, DevOps tooling requires high-level permissions for managing credentials, creating infrastructure, configuring systems, building code, and deploying applications to production environments. This makes DevOps platforms a compelling target for an adversary.
This course teaches the modern adversary’s approach to attacking DevOps pipelines. It will cover field-tested TTPs such as discovering secrets in documentation & source code, leveraging CI/CD applications for remote code execution, and credential dumping methods for various DevOps platforms. In a security landscape that places heavy scrutiny on the endpoint, DevOps systems provide an opportunity to live off the land and escalate privileges while maintaining operational security.
This course will discuss OPSEC considerations for these attacks and expose students to the stealth-focused adversarial mindset. Course and lab content will cover DevOps pipelines from beginning to end.
Each student will receive access to a virtual lab environment that simulates an enterprise network that utilizes DevOps to maintain their applications and infrastructure. Students will perform reconnaissance, identify escalation vectors, and chain together a series of DevOps and CI/CD-based attacks to access business-critical systems and data.
Trainer Bio:
Tom Porter started his professional career as a baseball player with the San Diego Padres organization. In 2010, he switched careers and began writing netflow analytics for a DoD-based blue team, eventually pivoting to a role as an offensive security consultant for Accenture’s FusionX Red Team.
Colbert Zhu is an offensive security consultant with experience in penetration testing, purple teams, and objective-based adversary simulations. Colbert is also an avid Yankees fan and fond of making Excel spreadsheets for fantasy baseball.
Bring Your Own Satellite (BYOS) - Building a Virtual Satellite Lab
Tim Fowler
Training Description:
In this training class, attendees are introduced to the basics of satellite communication in a hands-on manner. Also, through the power of virtualization and open-source software, attendees will get a step-by-step guide to create their own personal satellite lab, while helping discover the fundamental principles of satellite communication, from orbital mechanics to data transmission protocols, as you design, simulate, and experiment with satellite systems in a risk-free, virtual environment.
Unveil the secrets of satellite technology, gain hands-on experience with real-world scenarios, and configure and control your virtual satellite. This unique learning experience equips you with the knowledge and practical skills needed to explore the possibilities of satellite communication. Unlock the universe of opportunities that satellite communication offers, right from your own laptop.
Trainer Bio:
Tim Fowler is an Offensive Security Analyst with Black Hills Information Security and has over a decade of experience working in information security. He has worked for Fortune 100 financial institutions as well as a consultant, providing penetration testing and red team services. Tim is passionate about sharing his knowledge with others and has had the pleasure of speaking at multiple security conferences across the county. When not hacking away at a client’s network or writing the subsequent report, researching cybersecurity in space, or developing functional CubeSats, Tim loves spending time with his wife and son and working in his workshop with his collection of hand tools and CNC machines.
Attacking MS-SQL
Ryan O’Donnell
Training Description:
Microsoft SQL (MS-SQL) servers can be integral to the business operations of an organization and often hold sensitive data. This makes them an attractive target for attackers. A recent incident highlighting the importance of MS-SQL security involved attackers hacking into poorly secured and Internet-exposed MS-SQL servers to deploy Trigona ransomware.
This workshop focuses on key techniques and methodologies for assessing MS-SQL server security.
Participants will gain practical knowledge in the following areas: Enumeration, Command Execution, Privilege Escalation, and Persistence.
The workshop will provide a comprehensive understanding of how these attacks are carried out in real-world scenarios, equipping attendees with the necessary skills to identify and mitigate security risks in their future testing.
Moreover, the workshop will include hands-on labs, allowing participants to apply the learned techniques in controlled environments.
This practical approach ensures that attendees can translate the knowledge gained into real-world application.
An essential part of the workshop will be the introduction and utilization of various open-source tools including: SQL Server Management Studio, PowerUpSQL, DAFT, mssqlclient, and SQLRecon.
Overall, this beginner-friendly workshop will be an immersive experience for those looking to deepen their expertise in attacking MS-SQL.
Trainer Bio:
Ryan O'Donnell is a Red Team Operator with White Knight Labs. Over the last 10 years, Ryan has been performing Penetration Tests, Red Team assessments, and Incident Response investigations. Ryan has a Masters in Computer Forensics from George Mason University and the following Certifications: OSCP, OSEP, GREM, GCFE, GCIH, CRTO, and RTJO.
Hack Our Drone
Ronald Broberg & Dark Wolf Solutions
Training Description:
The Dark Wolf "Hack Our Drone" workshop provides participants the ability to learn hands-on cybersecurity testing techniques for evaluating Unmanned Autonomous Systems. The workshop includes a full Unmanned Autonomous System test target composed of a BeagleBone Blue Flight Vehicle (UAV), a Ground Control System (GCS), and a MAVLink over 802.11 WiFi Communications system.
The workshop includes both instructor assistance and detailed lab manuals to guide participants through a series of tasks to discover and exploit cybersecurity weaknesses in the UAS.
Tasks include firmware analysis, network service exploitation, password cracking, elevation of privilege, and UAV over-the-air hijacks. Participants are expected to bring a laptop with either Kali Linux installed or one that can boot a Kali Linux Live USB drive.
Trainer Bio:
Cybersecurity engineer with 25+ years experience in Space, UAS, and Command and Control domains. Most recently with Dark Wolf Solutions and focused on the three domains of UAS: IoT, RF, and Mobile.
Offensive Operations Against Foreign Adversaries: “C2 Agent 7589292 authenticated from core17.kremlin.ru as Администратор.”
Steve ‘rvrsh3ll’ Borosh & Kaitlyn Wimberley
Training Description:
What if you were part of an unknown hacking group looking to access a Russian network for "reasons"? What high-value targets could you identify from an external, unauthenticated perspective? How would you gain an initial foothold on an operating system that uses a foreign language? Can you blend in while you evade their defenses and establish Command and Control? What valuable information would you find and exfiltrate while moving laterally? In the end, do you profit from your access or burn it all to the ground? Join us as we take you on a journey as a hacker with no restrictions.
Trainers Bio:
Steve Borosh started hacking the planet with Black Hills Information Security in 2021 and has been instructing offensive courses since 2015. Steve has instructed at conferences such as BlackHat and Wild West Hackin' Fest, for Fortune 500 companies, and for federal law enforcement. He currently annoys system administrators as part of the ANTISOC team at BHIS and enjoys releasing shock-and-awe research blogs and open-source tools to drive change in the industry.
Kaitlyn Wimberley is an offensive operator on the ANTISOC team at Black Hills Information Security where she pokes and prods customer environments relentlessly. Since 2021, she has been teaching and assisting with offensive and defensive material in webcasts, conference trainings, and master-level university courses. She loves diving into rabbit-holes for long-lost information and finding fun ways to do things _not_ "as-intended". She encourages students to push past contrived approaches to offensive security and demonstrate the real-world impact of what someone with "no scope" may achieve against their targets.
Pwning Networks: An Introduction to Network Pentesting
Phillip Wylie
Training Description:
Pentesting is a very popular and sought-after skill set for information security professionals. In this hands-on workshop, you will learn how to detect and exploit vulnerabilities using automated and manual techniques against Windows and Linux operating systems.
Tools covered include, but are not limited to:
- Network and web application vulnerability scanners
- Nmap port and service scanner
- Metasploit Framework exploitation tool
- Plus, many other tools in the Kali Linux pentesting distribution
Laptop Requirements: Laptop with Chrome browser
Trainer Bio:
Phillip has over 25 years of industry experience in IT and cybersecurity. He is also a former Dallas College Adjunct Instructor and the founder of both The Pwn School Project and DEFCON Group 940. Wylie has a diverse range of experience in multiple cybersecurity disciplines, including system administration, network security, application security, and pentesting. As a pentester with over 10 years of experience, he has conducted pentests of networks, Wi-Fi networks, and applications, as well as red team operations and social engineering.
Phillip's contributions to the cybersecurity industry extend beyond his work as a pentester. He is the concept creator and co-author of “The Pentester BluePrint: Starting a Career as an Ethical Hacker,” a highly regarded book that was inspired by a lecture he presented to his class at Dallas College and later became a conference talk. Phillip is the host of The Hacker Factory Podcast, where he interviews guests on how they got started in cybersecurity and their advice for aspiring cybersecurity professionals. Additionally, he is a frequent conference speaker, workshop instructor, and mentor.
Red Team Infrastructure Automation
Arun Nair, Aravind Prakash & Soumyadeep Basu
Training Description:
This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios.
This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.
Topics Covered:
- Overview of Red Team Operation
- Importance of Infrastructure in Red Team Engagements
- Writing your first Terraform and Ansible Script
- Red Team Infrastructure Components
- Automating Setup of Red Team Infrastructure with Terraform and Ansible
- Stealth/Opsec Techniques in Infrastructure Setup
- Practical Lab: Setting up a simulated Red Team Operation using Terraform and Ansible
Trainer Bio:
Arun Nair is an experienced Red Teamer with specialized expertise in malware development and evasion. Holding certifications like OSCP, CRTP, CRTL, CodeMachine Malware Techniques, Malware on Steroids and Hacksys Windows Kernel Exploitation, he showcases a profound grasp of offensive security. His hands-on experience with top-tier organizations like Google and Mandiant enriches his understanding of real-world cyber tactics. He has volunteered as a trainer at Blackhat Europe MIPS Exploit Development, contributed at Defcon Adversary Village, and presented talks and workshops at RedTeamSummit, c0c0n, and regional Null Meetups.
Aravind is an experienced Red Teamer working at Resillion with a strong background in offensive security and a passion for malware development. Aravind holds multiple certifications, including CRTP, CRTE, CRTO and CRTL. Having conducted numerous engagements, Aravind has gained valuable insights into the tactics used by real-world adversaries. Their expertise allows them to simulate attacks and identify system and network vulnerabilities.
Soumyadeep Basu is a security professional with expertise in threat detection. In his role as a deception engineer at Zscaler, he specialized in building deception and deploying decoys in cloud and on-prem environments. Having earned certifications such as OSEP, OSCP, AWS Security and AZ-500, Soumyadeep brings a wealth of expertise to the field of offensive security as well. Soumyadeep has a robust background in red teaming, gained through consulting experiences at renowned firms like Mandiant and Payatu. He has been invited as a speaker and trainer at international conferences like RingZer0, c0c0n etc. Soumyadeep is currently working as a Cloud Threat Detection Engineer at CRED, specializing in hunting and tracking cloud threat actors and solving cloud security at scale.
Free Ways To Learn Cyber Security - Setting Up a Home Lab
Patrick ‘InfosecPat' Gorman
Training Description:
There are many free ways to learn cyber security. Setting up your own free lab at home on your laptop or desktop computer is perhaps one of the best.
Do you want to level up your home lab hacking skills? In this 1.5-hour workshop, we will learn about hacking concepts and setting up a lab. Learn how to perform reconnaissance against Windows assets and identify common vulnerabilities that lead to compromise of an organization. We will cover tools and techniques used on real-world penetration tests against Windows Active Directory using Kali Linux, including hands-on demonstrations. With this lab, the sky's the limit. You can build this lab to whatever you would like. This is just step one. Let’s go and have fun!
You will leave this workshop with the skills for setting up a hacking lab for FREE!
Topics covered:
- Download VMware Workstation and install.
- Download Kali Linux and install.
- Download Windows Server 2022 or 2019 and Windows 10 evaluation and install.
- Download MS2 and install.
Lab Requirements:
- 1 Windows Server 2022, 2 Windows 10 Clients, MS2.
- Download Metasploitable 2: https://sourceforge.net/projects/metasploitable/
- 80 GB of Disk Space
- 16 GB of RAM, 32 GB would be better.
Trainer Bio:
Patrick Gorman is a Cybersecurity professional, IT career coach, and a content creator on YouTube. My channel is InfoSec Pat. I started a company InfoSec Pat about 4 years ago to help others get in the world of IT and Security. My movement is about providing IT/Cyber training, coaching and providing services in the cybersecurity space. Pat has a multitude of security certifications and maintains his extensive skills by routinely taking training, learning as much as he can from the community, and researching topics that he lacks knowledge in. His favorite part of being at InfoSec Pat is having the opportunity to learn more, and help as many people as possible get into IT and cybersecurity. He is a constant contributor to the InfoSec community by writing blogs, speaking at conferences and on webcasts, and teaching his online class, how to Setup a Cybersecurity Lab. Outside of his time at InfoSec Pat, Gorman enjoys working out and staying active, playing hockey and traveling the world.
Visit my website at www.infosecpat.com.
Intro to AWS Hacking
Carlos Polop
Training Description:
This course is tailored for those new to AWS hacking, as well as for individuals with a foundational understanding of AWS hacking concepts, seeking to further hone their skills and deepen their knowledge. We initiate with the essentials of AWS security, progressing to an in-depth exploration of core AWS services.
Not only will participants learn the operational side of these services, but they will also discover potential vulnerabilities that can be exploited for privilege escalation, persistence, and advanced post-exploitation activities, all of which will be illustrated through practical demos. Upon completion, attendees will have a robust grasp of the AWS security framework.
They will be able to identify some vulnerabilities and misconfigurations and possess the know-how to exploit them effectively and responsibly.
Trainer Bio:
Carlos has a degree in Telecommunications Engineering with a Master in Cybersecurity and is currently working as Team Leader of Web, Mobile & Cloud Penetration Testing at Halborn. He also has several relevant certifications in the field of cybersecurity such as OSCP, OSWE, CRTP, eMAPT, eWPTXv2…
As a CTF player, he has won some international CTF competitions; he was captain of the Spanish national team in ECSC2021, and part of the winning European Team in the ICSC2022.
Since he started learning cybersecurity he has tried to share his knowledge with the infosec community by publishing open source tools such as https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite and writing free hacking books that anyone can consult at https://book.hacktricks.xyz/ and https://cloud.hacktricks.xyz/.
Cyber Threat Intelligence 101
Wade Wells
Training Description:
Cyber Threat Intelligence (CTI) is a crucial component in the fight against malicious cyber actors. This entry-level course is designed to provide an overview of CTI, its importance, and how it is used to detect, prevent, and support others against cyber threats. The course covers the basics of CTI, including how to create intelligence, augmenting other teams with intelligence, threat modeling, and the tools and techniques used to collect and analyze data. You will also learn about the intelligence cycle, which includes the steps involved in CTI collection, analysis, and dissemination.
The course provides a comprehensive overview of the CTI field and is perfect for anyone who wants to understand the importance of CTI and how it is used to protect organizations from cyber threats.
By the end of the course, you will have a strong foundation in CTI and be able to contribute to an organization's cyber security efforts.
Takeaways:
● Understanding what Intelligence is and isn’t.
● The different types of intelligence.
● Cognitive biases
● Threat modeling
● Creating priority intel requirements
● What the Intelligence life cycle is and how to use it.
● Cyber security frameworks
● How to create intelligence for free or low budget.
Trainer Bio:
Wade Wells is Lead Detection Engineer for a fortune fifty company. He has worked eight years in security operations performing threat hunting, cyber threat intelligence, and detection engineering, primarily in the financial sector. He holds a master's degree in cybersecurity from Georgia Tech, is a board member of BSides San Diego and teaches a cyber threat intelligence course. Wade is a regular on the Black Hills infosec podcast “Talkin About the News”, and he has given talks for BSides San Diego, GrimmCon, Wild West Hackin Fest and Defcon 858/619. In his spare time he mentors people trying to get into the infosec field, reads fantasy novels and watches movies with his family.
Modern Web Appsec with OWASP crAPI
Jonathan Singer
Training Description:
Last year Jonathan led a free training on OWASP Juice Shop. This year he is back with a new OWASP platform called crAPI, better known as "completely ridiculous API." In this workshop, you will learn about modern webapp security using APIs and get an introduction to the new OWASP Top 10 for API Security.
Be prepared to scream and shout, and let it all out, in this exciting update to website security for the next generation.
Trainer Bio:
Jonathan Singer has almost two decades of experience as an information technology professional and cyber security expert. Recently, Jonathan led the Data Analytics Professional Services Practice for GuidePoint Security, delivering world class data management and SOC engineering services. He has since switched to the dark side and now assists Fortune 500 companies with the enterprise security challenges. Prior to joining GuidePoint, Jonathan worked at a Central Florida Internet Service Provider specializing in web application security, GRC, and system administration. Jonathan participates in many speaking engagements throughout the east coast, and currently holds a number of certifications, along with a Master’s degree of Cybersecurity from the University of South Florida. Today you can find Jonathan co-leading the Tampa OWASP chapter and enjoying life.
Certifications:
CEH
GCFE
GPEN
GCIA
GWAPT
Practical Network Fundamentals
Robert ‘LTNBob’ Theisen
Training Description:
In this hands-on workshop Robert "LTNBOB" Theisen leads absolute beginners through the fundamentals of computer networking. Participants will be engaging in trainer-led discussion, building real networks and developing hands-on skills that are essential in IT & Cybersecurity. While it is possible to sit back and observe this workshop, you will be strongly encouraged to participate in the hands-on activities. There will be CTF inspired challenges to afford you the opportunity to challenge your understanding. If you are a seasoned professional, you may also benefit from attending this workshop as it will serve as a refresher and you can help beginners that are in attendance.
Learning Objectives: You can expect to learn the following:
- How networks began and many of the reasons we use them today
- How the Internet works
- How to build a local area network
- How to remotely control devices over a network (GUI & CLI)
- Practical IP Addressing & Subnetting fundamentals
- Testing connectivity between devices
- How switches and routers work
- Using ChatGPT to write useful scripts
- Cisco IOS basics
- The purpose of VLANs and how to set them up
- How to share & secure network resources
- How NAT works and how to configure it.
Equipment Recommendations: You can enjoy this workshop without bringing a computer; however, it will be best enjoyed if you bring a laptop with the following:
- At least 4 GB of RAM
- Running a Windows or Linux OS with admin rights (you have the rights to change an IP address and create files on the computer)
Trainer Bio:
Robert ‘LTNBob’ Theisen: I am fascinated by technology as a tool to empower humanity to do more good in the world than bad. My calling is to engage, enlighten and empower others to be all they can be. Learning is part of my daily regimen as I believe learning is the single most empowering thing one can do. Education is not just limited to organizations that grant degrees. We live in an era where we can start learning just about anything with one keyword search. High quality guidance from a teacher or mentor can accelerate the learning process. I love learning but I love to empower others even more. I never take off my IT/infosec professional hat and never will so long as I am preparing others to succeed through mastering the various tactics, techniques, procedures and tools we have at our disposal. None of my accomplishments would be possible without great mentors, friends, family, the Internet and God. I'm always open to learning about new opportunities, especially if the outcome leads to better lives for those that choose to use what I teach.
Accomplishments & Focus:
- Revitalizing college IT programs
- Developing IT & Cybersecurity curriculum for community colleges
- Assisted Hack The Box in developing modules in the Penetration Tester path on Hack The Box Academy
- Actively assisting thousands of learners with breaking into IT & Cybersecurity
- Creating beginner friendly IT & Cybersecurity content for the ltnlabs YouTube channel
- Partnering with learner focused institutions & communities to improve the quality of education
Synthetic stack frame spoofing
Dylan Tran
Training Description:
Windows malware capabilities are rooted in its usage of the Windows API. Detections have been built around the usage of certain API calls from unbacked memory, a common occurrence with malware that resides in memory.
The aim of this workshop is to provide insight into Return Address Patching and Call Stack Spoofing; techniques which aim to alleviate this IOC. Specifically, this workshop will explore how these techniques work, demonstrate their impact, and investigate the drawbacks of these techniques.
Requirements:
- A Windows 10 VM
- x64dbg installed
- Process Hacker installed
- mingw-w64 installed
- Code editor of choice
Trainer Bio:
Dylan Tran is a Tool Developer with White Knight Labs and a student at Cal Poly Pomona. Dylan has involvement in various cybersecurity competitions and focuses on Windows internals and network pentesting. Dylan also holds the OSCP, CRTO, and CRTL certifications.
Blog: https://dtsec.us
CISSP Crash Course: Mastering Tricky Concepts in Information Security
Josh Mason
Training Description:
Join our intensive one-day CISSP Crash Course designed specifically for Information Security professionals seeking a focused review of the most challenging concepts within the CISSP exam.
This course aims to provide a deep dive into the intricacies of key domains, ensuring participants gain a solid understanding of complex topics.
From cryptography to access control and beyond, Josh will guide you through key concepts and real-world examples, equipping you with the knowledge and strategies needed to tackle the trickiest elements of the CISSP exam.
Accelerate your CISSP preparation and boost your confidence with this comprehensive crash course tailored for success.
Trainer Bio:
Josh Mason, the Director of Cyber Training and vCISO at Arbitr, brings a unique blend of military expertise and extensive experience in building cyber programs and developing training. As a former combat pilot and cyber warfare officer in the United States Air Force, he shaped cybersecurity education and built training programs. He taught at renowned institutions like the US Air Force Special Operations School and the DoD Cyber Crime Center's Cyber Training Academy. At INE, he created the Penetration Testing Student program and the eLearnSecurity Junior Penetration Tester (eJPTv2) exam.
Social Engineering Improv Acting Techniques
by the Improvisational WeHackPeople.com
Brent White & Tim Roberts
Training Description:
Social Engineering is a widely-covered topic. We'll focus on how it can be beneficial specifically during covert entry assessments for talking your way in/out of situations as well as to solicit information that you can apply throughout the assessment.
Level-up your face-to-face social engineering skills with industry professionals, Tim Roberts and Brent White! Unleash the power of human interaction in cybersecurity with an immersive workshop that merges improvisational acting principles with strategic social engineering, empowering participants to dynamically adapt and convincingly portray various personas.
From thinking on the fly, understanding basic improv fundamentals, to honing psychological manipulation techniques; participants gain hands-on experience in realistic simulations. Ethical considerations are emphasized, ensuring responsible use of these skills in penetration testing.
By the end of the workshop, participants emerge with heightened adaptability, creativity, and the ability to exploit human vulnerabilities effectively, contributing to a fortified cybersecurity defense. Tim Roberts and Brent White of WeHackPeople.com and Dark Wolf Solutions, LLC will be sharing their experiences with covert and overt security tests over the years and walking participants through some real-life application of the techniques utilized during these assessments.
Topics covered:
- The foundations of preparing for your assessment before you even arrive onsite
- The development of surveillance techniques such as important information to look for to create your plan of attack
- Understanding how social engineering can play a major role in covert physical security assessments
- Gain tools and techniques to help better develop your improvisational skills!
- Introduction to developing useful guises to aid in a successful engagement
- Which certifications and training are offered? / How do I get a job doing this?
Trainer Bio:
Brent is a Sr. Principal Security Consultant at Dark Wolf Solutions, specializing in covert entry, social engineering assessments, and drone hacking. He founded the Nashville DEF CON group (DC615), and is the former Global Coordinator for the official DEF CON conference “Groups” program.
He is also a trusted adviser for the TN Dept of Safety and Homeland Security on the topic of physical and cyber security.
Brent also helped establish the methodology for small Unmanned Aerial Systems (sUAS) hacking for the Defense Innovation Unit (DIU) and the Association for Uncrewed Vehicle Systems International (AUVSI). Brent has held the role of Web/Project Manager and IT Security Director for a global franchise company as well as Web Manager and information security positions for television personalities on The Travel Channel.
He has also been interviewed on the popular web series, “Hak5” with Darren Kitchen, BBC News, and on Microsoft’s “Roadtrip Nation” television series. He and Brent White have also been featured a couple of times on the true crime series "Profiling Evil". His experience includes Drone Hacking, Internal/External Penetration, Wireless, Application and Physical Security assessments, Social Engineering, and more. Brent has also spoken at numerous security conferences, including ISSA International, DEF CON, Black Hat, DerbyCon, HackSpaceCon, SaintCon, NolaCon, various B-Sides events, Techno Security Con, TakeDownCon and Appalachian Institute of Digital Evidence conference at Marshall University, and more.
Tim Roberts. Sr. Principal Security Consultant with close to 20 years of information security experience. I have held management, IT, and physical security roles across multiple industries, including healthcare, finance, and government. My professional experiences include Internal/External Network, Wireless, Application, Physical Security - specializing in Covert Entry, Social Engineering, and OSINT penetration assessments and research. These experiences have led to successful Red Team assessments against commercial and government environments.
I am the founding member of the Lexington DEF CON group (DC859) and was part of the DEF CON Groups program. I have been interviewed on the subject of "White hat hacking" for Microsoft’s “Roadtrip Nation” television series, was featured on IDG Enterprise’s CSO Online publication by Ryan Francis on social engineering, was interviewed at Black Hat by HelpNetSecurity on security awareness and "Know Your Adversary" and regularly featured on ProfilingEvil on "Security Awareness" for WeHackPeople.com.
I have spoken and conducted training at several industry recognized security and hacker conferences, including ISC West, ISSA International, DEF CON, DerbyCon, various B-Sides, CircleCityCon, Techno Security Con, SaintCon, Appalachian Institute of Digital Evidence - Marshall University, GrrCon, NolaCon, Who's Your Hacker, Red Team Village, Gray Hat, keynote for the S&H Law - FBI/Hacker Panel, and more. I host the Bypass Village as part of WeHackPeople.com at HackRedCon.
Check out some of my talks and more at www.wehackpeople.com
In addition to my professional background, I am also an accomplished martial artist with 25+ yrs of experience and was inducted in the International Black belt Hall of Fame. I am a Capoeira Instructor for Beira Mar Capoeira and a Master in Heuk Choo Kwan Hapkido. I have also instructed Law Enforcement Combative programs. I competed in the USTU Olympics and 3 years of international competition in Europe as part of Team America.
When I am not "breaking into" places and systems for clients, speaking at security conferences, or teaching martial arts, I also run an award winning stunt show for Ulfhedinn Entertainment, LLC and was featured in Renaissance Magazine.
Adversary simulator-purple team hands-on booth
Vishnu Prasad P G
Adversary Village in Village Room
Training Description:
The Adversary Simulator booth will have hands-on adversary emulation plans specific to a wide variety of threat-actors and ransomware; these are meant to provide the participants/visitors with a better understanding of the adversary tactics.
This is a volunteer-assisted activity where anyone, both management executives and technical folks, can come in and experience different categories of simulation, emulation and purple scenarios. The Adversary Simulator booth will have a lab environment focused on recreating enterprise infrastructure, aimed at emulating various adversaries. Booth visitors will be able to view, simulate and control various TTPs used by adversaries. The simulator is meant to be a learning experience, irrespective of whether one is hands-on with highly sophisticated attack tactics or from the management.
Trainer Bio:
Vishnu Prasad is an experienced security professional, working as senior cyber security engineer at UST, a provider of digital technology and transformation, information technology and services, headquartered in the United States.
He is an active contributor to the Adversary Village community and leads technical activities, CTF competitions etc. Vishnu has been a part of various bug bounty platforms and acknowledged as a top researcher in security programs like Google, X and Microsoft, ranking among the top participants. He participated in various CTF competitions and has been invited to participate in BountyCon Singapore conducted by Google and Facebook.
Vishnu is also a core team member of DEF CON Group Trivandrum - DC0471.
He learns through active research and practice in open security communities. Also, he is currently leading research activities in his organization, UST.
Kickstarting adversary emulation engagements
Abhijith “Abx” B R
Adversary Village in Village Room
Workshop Description:
The hands-on workshop has been created to provide the participants with a better understanding of adversary emulation engagements. The participants will be able to emulate various threat-actors and ransomware safely in a controlled, enterprise-level environment. All machines in the lab environment will be equipped with AV, web proxy, EDR and other defense systems.
The workshop will have modules covering the TTPs and each attack vector used in the lab environment, and a step-by-step walk-through of the attack path. The workshop is intended to help attendees assess the defenses and evaluate the security controls deployed in their organization against motivated adversaries.
Trainer Bio:
Abhijith B R, also known by the pseudonym Abx, has more than a decade of experience in the offensive cyber security industry. He is a professional hacker, offensive cyber security specialist, security researcher, red team consultant, trainer and public speaker.
Currently he is involved with multiple organizations as a consulting specialist, to help them build offensive security operations programs, improve their current security posture, assess cyber defense systems, and bridge the gap between business leadership and cyber security professionals.
Abhijith was responsible for building and managing offensive security operations and adversary simulation for a prominent FinTech organization called Envestnet, Inc. In the past, he held the position of Deputy Manager - Cyber Security at Nissan Motor Corporation, and prior to that, he worked as a senior security analyst at EY.
As the founder of Adversary Village (https://adversaryvillage.org/), Abhijith spearheads a community driven initiative exclusively focused on adversary simulation, adversary tactics, purple teaming, threat actor/ransomware research-emulation, and offensive security/adversary tradecraft. Adversary Village actively organizes hacking villages at prominent events such as the DEF CON Hacking Conference, RSA Conference etc.
Abx also acts as the Lead of an official DEF CON Group DC0471. He is actively involved in leading the Tactical Adversary project (https://tacticaladversary.io/), an initiative that centers around adversary attack simulation, offensive cyber security and red teaming tactics.
Abhijith has spoken at various cyber security conferences such as Nullcon, c0c0n, BSides, OWASP Seasides, DEF CON 28 safemode - DCG Village, The Diana Initiative, Opensource India, Adversary Village at DEF CON 29, DEF CON 30, RSA Conference 2023 etc.
Extraterrestrial Cybersecurity
Jacob Oakley
Training Description:
Satellites and other space systems are an integral part of our daily lives from navigation to communications, financial transactions, and national security. Cybersecurity for these assets is environmentally and operationally constrained in ways unfamiliar to most security practitioners.
This workshop introduces the audience to the complexities of space systems and their operations, as well as the impacts to malicious and defensive cyber activity within such architectures. We then cover the foundational issues at the intersection of the cyber and space domains that drive the application of cybersecurity and the mitigation of space system risk.
Lastly, the workshop will walk through case studies of example offensive and defensive cybersecurity tools for space systems, how we might establish ‘space-rated cybersecurity’ and the future growth of this niche from the vendor and consumer perspectives, highlighting the opportunities and challenges.
Trainer Bio:
Jacob Oakley, PhD, DSc, is a cybersecurity professional and author with 17 years of experience. A foremost expert on offensive cybersecurity, cyber warfare, and space system cybersecurity, he has advised Department of Defense (DoD) and Fortune 500 executives on strategic mitigation of risks and threats to globally distributed, multi-domain network architectures. He is an adjunct professor at Embry-Riddle Aeronautical University and is the Space Segment Vice Chair for the IEEE Space System Cybersecurity Standards Working Group. His books, Professional Red Teaming, Waging Cyber War, Cybersecurity for Space, Theoretical Cybersecurity, and The Business of Hacking are published by Springer/Apress.
Adversary adventure: Hands-on game
Sreehari Haridas
Adversary Village in Village Room
Workshop Description:
Adversary adventure is a story-scenario based, choose-your-own-adventure style interactive game. It is a gamified version of table-top exercises in which participants can choose to play as an attacker, post exploitation, OR as a defender who is defending against an attacker group-threat actor, OR even as a CISO who is dealing with an adversarial situation such as a ransomware incident.
Trainer Bio:
Sreehari Haridas is an offensive security researcher and red teamer with over seven years of experience. He currently holds the position of Offensive Security Lead at a prominent FinTech organization. He is a core member of DEF CON Group Trivandrum and CTF Master at Adversary Village community. He has been contributing as the Adversary Village CTF Master for the CTF contests hosted at various conferences including DEF CON, RSA Conference, Diana Initiative, Nullcon, C0c0n, etc. He has bagged 3rd place in the Asia region for the Global Cyberlympics Capture the Flag competition and 6th position in the international Hackthebox.eu Capture the Flag platform. Being an offensive security lead, his primary responsibilities involve identifying security vulnerabilities within the company and its products. This entails conducting thorough security assessments, engaging in vulnerability research, and simulating potential adversary tactics.