BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Black Hills Information Security, Inc. - ECPv6.15.18//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Black Hills Information Security, Inc.
X-ORIGINAL-URL:https://www.blackhillsinfosec.com
X-WR-CALDESC:Events for Black Hills Information Security, Inc.
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20210314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20211107T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20220313T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20221106T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220801T163000
DTEND;TZID=America/New_York:20220801T173000
DTSTAMP:20260405T165648
CREATED:20220624T174740Z
LAST-MODIFIED:20220627T143602Z
UID:10000397-1659371400-1659375000@www.blackhillsinfosec.com
SUMMARY:BHIS | Talkin' Bout Infosec News
DESCRIPTION:Join the BHIS team as we talk about current infosec news. \nStreamed live every Monday @ 4:30 pm. \nhttps://www.youtube.com/BlackHillsInformationSecurity
URL:https://www.blackhillsinfosec.com/event/bhis-talkin-bout-infosec-news/2022-08-01/
LOCATION:CA
CATEGORIES:Newscast
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/MicrosoftTeams-image-10.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220801T120000
DTEND;TZID=America/New_York:20220801T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000824-1659355200-1659369600@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-01/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220731T120000
DTEND;TZID=America/New_York:20220731T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000823-1659268800-1659283200@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-31/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220730T120000
DTEND;TZID=America/New_York:20220730T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000822-1659182400-1659196800@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-30/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220729T120000
DTEND;TZID=America/New_York:20220729T160000
DTSTAMP:20260405T165648
CREATED:20220628T211359Z
LAST-MODIFIED:20220628T211359Z
UID:10000640-1659096000-1659110400@www.blackhillsinfosec.com
SUMMARY:Modern WebApp Pentesting w/ BB King
DESCRIPTION:Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line\, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path\, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic\, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. \nThis course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today\, based on the instructor’s many years of ongoing experience in testing … real webapps today. \nhttps://www.antisyphontraining.com/modern-webapp-pentesting-w-bb-king/
URL:https://www.blackhillsinfosec.com/event/modern-webapp-pentesting-w-bb-king/2022-07-29/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/modern-webapp-pentesting-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220729T120000
DTEND;TZID=America/New_York:20220729T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000821-1659096000-1659110400@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-29/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220729T110000
DTEND;TZID=America/New_York:20220729T160000
DTSTAMP:20260405T165648
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000903-1659092400-1659110400@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2022-07-29/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220728T120000
DTEND;TZID=America/New_York:20220728T160000
DTSTAMP:20260405T165648
CREATED:20220628T211359Z
LAST-MODIFIED:20220628T211359Z
UID:10000639-1659009600-1659024000@www.blackhillsinfosec.com
SUMMARY:Modern WebApp Pentesting w/ BB King
DESCRIPTION:Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line\, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path\, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic\, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. \nThis course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today\, based on the instructor’s many years of ongoing experience in testing … real webapps today. \nhttps://www.antisyphontraining.com/modern-webapp-pentesting-w-bb-king/
URL:https://www.blackhillsinfosec.com/event/modern-webapp-pentesting-w-bb-king/2022-07-28/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/modern-webapp-pentesting-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220728T120000
DTEND;TZID=America/New_York:20220728T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000820-1659009600-1659024000@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-28/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220728T110000
DTEND;TZID=America/New_York:20220728T160000
DTSTAMP:20260405T165648
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000902-1659006000-1659024000@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2022-07-28/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220727T163000
DTEND;TZID=America/New_York:20220727T173000
DTSTAMP:20260405T165648
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000461-1658939400-1658943000@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2022-07-27/
LOCATION:CA
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220727T120000
DTEND;TZID=America/New_York:20220727T160000
DTSTAMP:20260405T165648
CREATED:20220628T211359Z
LAST-MODIFIED:20220628T211359Z
UID:10000638-1658923200-1658937600@www.blackhillsinfosec.com
SUMMARY:Modern WebApp Pentesting w/ BB King
DESCRIPTION:Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line\, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path\, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic\, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. \nThis course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today\, based on the instructor’s many years of ongoing experience in testing … real webapps today. \nhttps://www.antisyphontraining.com/modern-webapp-pentesting-w-bb-king/
URL:https://www.blackhillsinfosec.com/event/modern-webapp-pentesting-w-bb-king/2022-07-27/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/modern-webapp-pentesting-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220727T120000
DTEND;TZID=America/New_York:20220727T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000819-1658923200-1658937600@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-27/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220727T110000
DTEND;TZID=America/New_York:20220727T160000
DTSTAMP:20260405T165648
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000901-1658919600-1658937600@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2022-07-27/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220726T163000
DTEND;TZID=America/New_York:20220726T173000
DTSTAMP:20260405T165648
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000460-1658853000-1658856600@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2022-07-26/
LOCATION:CA
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220726T120000
DTEND;TZID=America/New_York:20220726T160000
DTSTAMP:20260405T165648
CREATED:20220628T211359Z
LAST-MODIFIED:20220628T211359Z
UID:10000637-1658836800-1658851200@www.blackhillsinfosec.com
SUMMARY:Modern WebApp Pentesting w/ BB King
DESCRIPTION:Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line\, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path\, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic\, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. \nThis course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today\, based on the instructor’s many years of ongoing experience in testing … real webapps today. \nhttps://www.antisyphontraining.com/modern-webapp-pentesting-w-bb-king/
URL:https://www.blackhillsinfosec.com/event/modern-webapp-pentesting-w-bb-king/2022-07-26/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/modern-webapp-pentesting-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220726T120000
DTEND;TZID=America/New_York:20220726T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000818-1658836800-1658851200@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-26/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220726T110000
DTEND;TZID=America/New_York:20220726T160000
DTSTAMP:20260405T165648
CREATED:20220628T211918Z
LAST-MODIFIED:20220719T220333Z
UID:10000641-1658833200-1658851200@www.blackhillsinfosec.com
SUMMARY:Operation Purple w/Tim Schulz
DESCRIPTION:Ever wondered how purple teaming can supercharge your cyber capability? In this 16-hour\, hands-on course\, attendees will learn the balance between threat understanding and detection understanding to run their own purple team exercises. Attendees will start by learning the underlying methodologies that make purple teaming successful and metrics for success before diving into leveraging the ATT&CK framework to create threat informed emulation plans. Once attendees have successfully built plans\, they can leverage tools like SCYTHE or the Slingshot C2 VM to automate the emulation process. Finally\, attendees will learn to identify and build detections to their emulated attacks. \n\n\n\nhttps://www.antisyphontraining.com/operation-purple-w-tim-schulz/
URL:https://www.blackhillsinfosec.com/event/operation-purple-w-tim-schulz/2022-07-26/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Operation-Purple-Placeholder-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220726T110000
DTEND;TZID=America/New_York:20220726T160000
DTSTAMP:20260405T165648
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000900-1658833200-1658851200@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2022-07-26/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220725T163000
DTEND;TZID=America/New_York:20220725T173000
DTSTAMP:20260405T165648
CREATED:20220624T174740Z
LAST-MODIFIED:20220627T143602Z
UID:10000396-1658766600-1658770200@www.blackhillsinfosec.com
SUMMARY:BHIS | Talkin' Bout Infosec News
DESCRIPTION:Join the BHIS team as we talk about current infosec news. \nStreamed live every Monday @ 4:30 pm. \nhttps://www.youtube.com/BlackHillsInformationSecurity
URL:https://www.blackhillsinfosec.com/event/bhis-talkin-bout-infosec-news/2022-07-25/
LOCATION:CA
CATEGORIES:Newscast
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/MicrosoftTeams-image-10.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220725T120000
DTEND;TZID=America/New_York:20220725T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000817-1658750400-1658764800@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-25/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220724T120000
DTEND;TZID=America/New_York:20220724T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000816-1658664000-1658678400@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-24/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220723T120000
DTEND;TZID=America/New_York:20220723T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000815-1658577600-1658592000@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-23/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220722T120000
DTEND;TZID=America/New_York:20220722T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000814-1658491200-1658505600@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-22/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220721T130000
DTEND;TZID=America/New_York:20220721T140000
DTSTAMP:20260405T165648
CREATED:20220624T172224Z
LAST-MODIFIED:20220719T202510Z
UID:10000391-1658408400-1658412000@www.blackhillsinfosec.com
SUMMARY:BHIS Webcast: Stopping Attacks With Cookies w/ BB King | 1-Hour
DESCRIPTION:Thursday\, July 21\, 2022 – 1 pm (UTC -4) \nRegister: https://zoom.us/webinar/register/WN_FCDP-UBWTQ6gTiqAEIOGOw \nNo. Not the web version of tossing a steak to the guard dog so it lets you by. I mean\, “Setting cookies so that your browser doesn’t include them in malicious requests (and also a bit about other ways to pass authentication tokens)\,” but that’s way too many words for a title\, no matter how you slice it. \nThe “secure” flag keeps cookies out of cleartext traffic. The “HttpOnly” flag makes cookies inaccessible to scripts. You probably know something about those. Do you know how the “SameSite” parameter works? It can solve your cross-site request forgery problems in a much simpler way than any of the traditional anti-CSRF defenses. \nBack up. It’s not just about flags on cookies. What about authentication for APIs? What does “defeating cross-site forgery attacks” look like when your webapp is API-based? Is it the same? Do we need to worry about CSRF when we’re talking about APIs? \nThe fundamentals: always there\, always relevant\, and so easy to overlook. Let’s look at how cross-site attacks actually work and how your browser’s behavior can be both the cause and the solution. \nChat with your fellow attendees in the Infosec Knowledge Sharing Discord server here: https://discord.gg/fr5wqbF — in the #webcast-live-chat channel.
URL:https://www.blackhillsinfosec.com/event/bhis-webcast-w-bb-king/
LOCATION:CA
CATEGORIES:BHIS Webcast
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/BB.jpeg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220721T120000
DTEND;TZID=America/New_York:20220721T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000813-1658404800-1658419200@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-21/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220720T163000
DTEND;TZID=America/New_York:20220720T173000
DTSTAMP:20260405T165648
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000459-1658334600-1658338200@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2022-07-20/
LOCATION:CA
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220720T120000
DTEND;TZID=America/New_York:20220720T160000
DTSTAMP:20260405T165648
CREATED:20220628T204648Z
LAST-MODIFIED:20220628T204648Z
UID:10000627-1658318400-1658332800@www.blackhillsinfosec.com
SUMMARY:Foundational Application Security Training w/ Kevin Johnson
DESCRIPTION:The Foundational Application Security Training (FAST) course is an 8-hour class focused on explaining the fundamentals of applications and their security. This lecture-focused class is designed to allow managers\, product owners\, support staff and non-developers understand application security. This lecture includes what makes up the various modern application technologies\, the application development process\, what vulnerabilities and risk are exposed via applications and how the attacks happen. This course will enable organizations to improve how they focus on application security while continuing to increase the coordination between the various teams including development\, project management\, product owners\, IT\, and security. Attendees will be able to understand and explain the various risks and controls within a secure modern application environment. \n\n\n\nhttps://www.antisyphontraining.com/foundational-application-security-training/
URL:https://www.blackhillsinfosec.com/event/foundational-application-security-training-w-kevin-johnson/2022-07-20/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Foundational_Application_Security_Training-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220720T120000
DTEND;TZID=America/New_York:20220720T160000
DTSTAMP:20260405T165648
CREATED:20220628T204403Z
LAST-MODIFIED:20220628T210612Z
UID:10000625-1658318400-1658332800@www.blackhillsinfosec.com
SUMMARY:Incident Response Foundations w/ Derek Banks
DESCRIPTION:Are you just getting started with Incident Response (IR) and not sure where to begin? Do you need to stand up an IR program or establish a Computer Security and Incident Response Team and need to get started on the right foot? \nIncident Response can be one of the most difficult aspects of Information Security and foundational skills are critical. \nThe goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey\, what to prioritize\, and why boring stuff like policies and procedures are just as important as technical digital forensics skills. \nWe will cover the logging and monitoring capabilities necessary to be able to successfully investigate and triage an incident as well as what to do when those log sources fail. The concepts and skills introduced in this class will lay the groundwork for the next steps in the IR journey of in-depth endpoint and network forensics and analysis. \nhttps://www.antisyphontraining.com/incident-response-foundations-w-derek-banks/
URL:https://www.blackhillsinfosec.com/event/incident-response-foundations-w-derek-banks/2022-07-20/
LOCATION:CA
CATEGORIES:Training
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220720T120000
DTEND;TZID=America/New_York:20220720T160000
DTSTAMP:20260405T165648
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000812-1658318400-1658332800@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-07-20/
LOCATION:CA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
END:VCALENDAR