BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Black Hills Information Security, Inc. - ECPv6.15.18//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Black Hills Information Security, Inc.
X-ORIGINAL-URL:https://www.blackhillsinfosec.com
X-WR-CALDESC:Events for Black Hills Information Security, Inc.
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20220313T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20221106T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20240310T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20241103T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220920T171541Z
LAST-MODIFIED:20230209T215840Z
UID:10000911-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:Offensive Development w/ Greg Hatcher & John Stigerwalt
DESCRIPTION:Register: https://www.antisyphontraining.com/offensive-development-w-greg-hatcher-john-stigerwalt/ \nDive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code. \nThis course is designed to take you deep into defensive and offensive tooling – an apex attacker must know the own indicators of compromise (IOCs) they’re creating and the artifacts they’re\nleaving behind.
URL:https://www.blackhillsinfosec.com/event/offensive-development-w-greg-hatcher-john-stigerwalt-2/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Offensive-Development-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220822T231754Z
LAST-MODIFIED:20230209T184158Z
UID:10000792-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:Enterprise Attack Initial Access w/ Steve Borosh
DESCRIPTION:Register: https://www.antisyphontraining.com/enterprise-attack-initial-access-w-steve-borosh/ \nEnterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents. \nAn offense-in-depth approach may be applied to offensive practitioners looking for success against organizations well-versed in defending a large enterprise. Today’s organizations have assets in multiple geo regions\, networks\, cloud services\, border hosts\, and many of them are tied to the internal network in some way.\nThis course aims to help offensive practitioners successfully exercise their client environments from a multi-faceted approach using the latest TTPs blended with esoteric practices to gain the upper hand on your assessments.
URL:https://www.blackhillsinfosec.com/event/enterprise-attack-initial-access-w-steve-borosh-2/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/Enterprise-Attack-Initial-Access.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220822T230850Z
LAST-MODIFIED:20230209T184019Z
UID:10000790-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:Breaching the Cloud w/ Beau Bullock
DESCRIPTION:Register: https://www.antisyphontraining.com/breaching-the-cloud-w-beau-bullock/ \nDo you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services\, Microsoft Azure\, and Google Cloud Platform. In this training course\, hacking concepts will be introduced for each of those services. \nThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services\, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization. \nPost-compromise techniques of cloud infrastructure differ from the techniques used in typical on-premise environments. You will learn situational awareness techniques that ultimately will impact how you will escalate privileges in the cloud. With most cloud-based authentication being publicly exposed this presents new and interesting persistence techniques that are non-existent to on-premise environments. With productivity tools like G-Suite and Microsoft 365 many organizations are making their email and other data that is normally protected by a firewall available to remote employees. You will learn how to discover\, pillage\, and exfiltrate data from these services. \nMany organizations are fully leveraging cloud services for their production infrastructure. This can include web servers\, SQL databases\, storage\, virtual machines\, and more. In this training\, you will learn how to assess and compromise these resources. Some cloud deployments are directly connected to on-premise environments via VPN. This presents an opportunity to pivot access from cloud to on-prem or vice-versa. \nFinally\, in this training\, we will not only be attacking cloud infrastructure but also leveraging it for red team operations. You will learn techniques that leverage cloud services for techniques such as phishing\, domain fronting\, and command & control. \nTools and techniques used on real-world penetration tests against cloud assets will be shared including hands-on demonstrations. At the end of this training\, you will have new skills for assessing cloud-based infrastructure!
URL:https://www.blackhillsinfosec.com/event/breaching-the-cloud-w-beau-bullock-2/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/BreachingCloud_1920x1080-1-1536x864-1.jpeg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220822T230555Z
LAST-MODIFIED:20230209T183606Z
UID:10000788-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:Advanced Network Threat Hunting w/ Chris Brenton
DESCRIPTION:Register: https://www.antisyphontraining.com/advanced-network-threat-hunting-w-chris-brenton/ \nSo far we’ve had over 21\,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course! \nWe will spend most of this class analyzing pcap files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting\, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
URL:https://www.blackhillsinfosec.com/event/advanced-network-threat-hunting-w-chris-brenton/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/Adv-Network-Threat-Hunting-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220822T224537Z
LAST-MODIFIED:20230209T184948Z
UID:10000887-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:How to be Irresistible to Hiring Managers w/ Kip Boyle
DESCRIPTION:Register: https://www.antisyphontraining.com/how-to-be-irresistible-to-hiring-managers/ \nAre you spending hours a day trawling through the online job sites and spending even more time filling out lengthy application forms with nothing to show for it? Something’s not working\, but what could it be? Kip Boyle\, a veteran hiring manager who has personally interviewed hundreds of job applicants as well as hired dozens of successful cybersecurity candidates\, will teach you to think like a hiring manager and bend the hiring process to your advantage. After you taking this class\, you’ll understand how to ace your resume\, crush your interviews\, and negotiate your ideal salary.
URL:https://www.blackhillsinfosec.com/event/how-to-be-irresistible-to-hiring-managers-w-kip-boyle/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/How_to_be_Irresistible_to_Hiring_Managers_.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000905-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230303T100000
DTEND;TZID=America/New_York:20230303T180000
DTSTAMP:20260404T102302
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000851-1677837600-1677866400@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2023-03-03/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T120000
DTEND;TZID=America/New_York:20230302T160000
DTSTAMP:20260404T102302
CREATED:20220719T221156Z
LAST-MODIFIED:20230209T223825Z
UID:10000691-1677758400-1677772800@www.blackhillsinfosec.com
SUMMARY:Active Defense & Cyber Deception w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/ \nActive Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between. \nIn this class\, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly\, you will find out how to do the above legally. \nThe current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly\, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately\, others may take you a while to implement. Either way\, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers\, attribute who is attacking you\, and finally\, attack the attackers. \nThis class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
URL:https://www.blackhillsinfosec.com/event/active-defense-cyber-deception-w-john-strand/2023-03-02/
LOCATION:PA
CATEGORIES:Pay What You Can,Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/ActDefCybDecept_1920x1080.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T221006Z
LAST-MODIFIED:20230209T221008Z
UID:10000919-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Securing the Cloud: Foundations w/ Andrew Krug
DESCRIPTION:Register: https://www.antisyphontraining.com/securing-the-cloud-foundations-w-andrew-krug/ \nIn this course\, we’ll explore Amazon Web Services (AWS) as a platform. We will take the perspective of a new startup company spinning up infrastructure in AWS for the very first time. We’ll use a scenario-based approach\, where you’ll don the persona of a security engineer on your first day at a new startup. This course will demonstrate ideas like secure-by-default and will examine services and patterns for locking down defaults using a combination of open source and platform-native tooling. Finally\, attendees will walk away with a practical understanding of various controls\, detections\, and guardrails.
URL:https://www.blackhillsinfosec.com/event/securing-the-cloud-foundations-w-andrew-krug-3/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/andrewkrug.jpeg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T221004Z
LAST-MODIFIED:20230209T221006Z
UID:10000757-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Securing the Cloud: Foundations w/ Andrew Krug
DESCRIPTION:Register: https://www.antisyphontraining.com/securing-the-cloud-foundations-w-andrew-krug/ \nIn this course\, we’ll explore Amazon Web Services (AWS) as a platform. We will take the perspective of a new startup company spinning up infrastructure in AWS for the very first time. We’ll use a scenario-based approach\, where you’ll don the persona of a security engineer on your first day at a new startup. This course will demonstrate ideas like secure-by-default and will examine services and patterns for locking down defaults using a combination of open source and platform-native tooling. Finally\, attendees will walk away with a practical understanding of various controls\, detections\, and guardrails.
URL:https://www.blackhillsinfosec.com/event/securing-the-cloud-foundations-w-andrew-krug-2/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/andrewkrug.jpeg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T220712Z
LAST-MODIFIED:20230209T220714Z
UID:10000760-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Professionally Evil API Testing
DESCRIPTION:Register: https://www.antisyphontraining.com/professionally-evil-api-testing/ \n\n\nThis workshop-style intermediate course is designed to complement a student’s understanding of traditional Web Application Security. It focuses on modern application and API security features and tactics to protect APIs and microservices from attacks. Because the material in this course leans on standard HTTP and browser features\, and standard web and API security best practices\, the lessons and labs are applicable across programming languages and platform implementations. This material in this course is approached both from the perspective of an adversary and that of a defender.
URL:https://www.blackhillsinfosec.com/event/professionally-evil-api-testing-2/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Professionally-Evil-API-Cory-Sabol-Temp-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T220045Z
LAST-MODIFIED:20230209T220405Z
UID:10000912-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:PowerShell for InfoSec: What You Need to Know! w/ Carrie Roberts
DESCRIPTION:Register: https://www.antisyphontraining.com/powershell-for-infosec-what-you-need-to-know/ \nPowerShell is an excellent cross-platform shell for executing commands and scripts on both local and remote machines. It is installed on Windows by default and is widely used by both network defenders and attackers. This course will cover key PowerShell concepts that both blue and red teamers should understand including logging\, credential management\, remote administration\, security bypass techniques\, and popular PowerShell attack tools.
URL:https://www.blackhillsinfosec.com/event/powershell-for-infosec-what-you-need-to-know-w-carrie-roberts/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2023/02/PowerShell-for-Infosec.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T191713Z
LAST-MODIFIED:20230209T191713Z
UID:10000898-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Introduction to Python w/ Joff Thyer
DESCRIPTION:Register: https://www.antisyphontraining.com/introduction-to-python/ \nOne of the most pressing needs Information Security professionals face today is the need to automate their work in both the attack\, and defense context. Skills gained for automating tasks in programming languages are critical to scale up the efforts of a limited security professional talent pool.\nFor example\, it is not uncommon to find useful Python scripts on the Internet that are at a Proof-of-Concept stage to quickly achieve some information security professional goal. Penetration testers\, incident responders\, forensics\, and defense professionals need the ability to be able to take existing code and produce stable functional Python tools or be able to debug an issue with an existing tool. \nThis course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks. \nThe expectation as to whether students can complete all exercises is dependent on prior student experience\, and knowledge. Python is a language that is best approached if a student has some elementary programming background (such as shell scripting for example).
URL:https://www.blackhillsinfosec.com/event/introduction-to-python-w-joff-thyer/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2023/02/Introduction-to-Python.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T190053Z
LAST-MODIFIED:20230209T190053Z
UID:10000891-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Intro to Offensive Tooling w/ Chris Traynor
DESCRIPTION:Register: https://www.antisyphontraining.com/intro-to-offensive-tooling-w-chris-traynor/ \nInformation security is an increasingly important field\, as the amount of data being transmitted and stored digitally continues to grow. In order to protect this data from unauthorized access\, it is important for individuals and organizations to have a strong understanding of the tools and techniques used by attackers. \nThe Intro to Offensive Tooling training course will cover the basics of common offensive tools\, including Nmap\, Recon-ng\, Metasploit\, proxychains\, Responder\, and many more. The tools discussed are used by security professionals to identify vulnerabilities and exploit them in order to test the security of a system or network. The class will cover an overview of each tool\, its key features\, and functionality\, as well as practical exercises to reinforce how they can be used in a real-world scenario. Participants will also learn best practices for using these tools responsibly and within the bounds of ethical hacking.
URL:https://www.blackhillsinfosec.com/event/intro-to-offensive-tooling-w-chris-traynor/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2023/02/Intro-to-Offensive-Tooling.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20230209T163611Z
LAST-MODIFIED:20230209T165613Z
UID:10000785-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Advanced Endpoint Investigations w/ Jake Williams
DESCRIPTION:For most security teams\, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility\, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection\, investigative triage\, incident response pivots\, and root cause analysis. \nAfter learning about key endpoint artifact and memory analysis techniques for Windows and Linux\, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery\, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections. \n\n\n\nhttps://www.antisyphontraining.com/advanced-endpoint-investigations/
URL:https://www.blackhillsinfosec.com/event/advanced-endpoint-investigations/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/advanced_endpoints.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20221206T211109Z
LAST-MODIFIED:20230209T190439Z
UID:10000896-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Introduction to Pentesting w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/introduction-to-pentesting/ \nAre you looking to make a transition into pentesting but are overwhelmed or just don’t know how to get started? With numerous different types of engagements\, operational phases\, and a constant flood of new vulnerabilities hitting the industry\, the journey into penetration testing can quickly become confusing. \nIn this training course\, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood\, identify what separates a great finding from a good finding in reports\, and really zero in on establishing your own methodology! \nBy the end of the training\, you can expect to leave with a firm understanding of how pentests are executed and a newfound comfortability performing penetration tests. We will also provide numerous resources and tools that will help you pave your way into a pentesting career!
URL:https://www.blackhillsinfosec.com/event/introduction-to-pentesting-w-john-strand-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/12/Introduction-to-Pentesting-1536x860-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220920T180353Z
LAST-MODIFIED:20230209T222159Z
UID:10000918-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Red Team Fundamentals for Active Directory w/ Eric Kuehn
DESCRIPTION:Register: https://www.antisyphontraining.com/red-team-fundamentals-for-active-directory/ \nThe Red Team Fundamentals for Active Directory course is an 8-hour class focused on explaining the fundamentals of Active Directory and how different aspects can be exploited when performing penetration tests. The goal is not only to cover different attacks but also explain the details of why they work and how an environment can be made resilient to them and potentially detect malicious activity. This combination opens the course to those looking to hone their offensive skills as well as those who are protecting an enterprise network. \nThe course mixes lecture with a number of hands-on exercises to reinforce the information and techniques. The activities will cover ways to examine an Active Directory environment\, looking for a variety of misconfigurations that are commonly seen in Active Directory implementations (even by some security-conscious entities)\, and then exploit these issues to pivot and escalate our access. Ultimately\, the students will gain full control of an AD Forest. \nWhile in class\, students will be provided access to a lab containing realistic targets and tools to learn both the attacks and defenses of Active Directory. This environment enables the attendees to understand how the covered techniques are used in the real world.
URL:https://www.blackhillsinfosec.com/event/red-team-fundamentals-for-active-directory-w-eric-kuehn-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Red_Team_Fundamentals_for_Active_Directory-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220920T180110Z
LAST-MODIFIED:20230209T185807Z
UID:10000890-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Incident Response Foundations w/ Derek Banks
DESCRIPTION:Register: https://www.antisyphontraining.com/incident-response-foundations-w-derek-banks/ \nAre you just getting started with Incident Response (IR) and not sure where to begin? Do you need to stand up an IR program or establish a Computer Security and Incident Response Team and need to get started on the right foot? \nIncident Response can be one of the most difficult aspects of Information Security and foundational skills are critical. \nThe goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey\, what to prioritize\, and why boring stuff like policies and procedures are just as important as technical digital forensics skills. \nWe will cover the logging and monitoring capabilities necessary to be able to successfully investigate and triage an incident as well as what to do when those log sources fail. The concepts and skills introduced in this class will lay the groundwork for the next steps in the IR journey of in-depth endpoint and network forensics and analysis.
URL:https://www.blackhillsinfosec.com/event/incident-response-foundations-w-derek-banks-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Incident_Response_Foundations.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220920T172402Z
LAST-MODIFIED:20230209T215643Z
UID:10000908-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Network Forensics and Incident Response w/ Troy Wojewoda
DESCRIPTION:Register: https://www.antisyphontraining.com/network-forensics-and-detection-w-troy-wojewoda/ \nIncident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications is no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source\, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration\, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints\, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.
URL:https://www.blackhillsinfosec.com/event/network-forensics-and-incident-response-w-troy-wojewoda/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Network-Forensics-Incident-Response-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220920T172139Z
LAST-MODIFIED:20230209T195843Z
UID:10000906-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Modern WebApp Pentesting w/ BB King
DESCRIPTION:Register: https://www.antisyphontraining.com/modern-webapp-pentesting-w-bb-king/ \nModern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line\, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path\, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic\, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. \nThis course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today\, based on the instructor’s many years of ongoing experience in testing … real webapps today.
URL:https://www.blackhillsinfosec.com/event/modern-webapp-pentesting-w-bb-king-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/modern-webapp-pentesting-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220920T171541Z
LAST-MODIFIED:20230209T215840Z
UID:10000910-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Offensive Development w/ Greg Hatcher & John Stigerwalt
DESCRIPTION:Register: https://www.antisyphontraining.com/offensive-development-w-greg-hatcher-john-stigerwalt/ \nDive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code. \nThis course is designed to take you deep into defensive and offensive tooling – an apex attacker must know the own indicators of compromise (IOCs) they’re creating and the artifacts they’re\nleaving behind.
URL:https://www.blackhillsinfosec.com/event/offensive-development-w-greg-hatcher-john-stigerwalt-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Offensive-Development-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220822T231754Z
LAST-MODIFIED:20230209T184158Z
UID:10000791-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Enterprise Attack Initial Access w/ Steve Borosh
DESCRIPTION:Register: https://www.antisyphontraining.com/enterprise-attack-initial-access-w-steve-borosh/ \nEnterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents. \nAn offense-in-depth approach may be applied to offensive practitioners looking for success against organizations well-versed in defending a large enterprise. Today’s organizations have assets in multiple geo regions\, networks\, cloud services\, border hosts\, and many of them are tied to the internal network in some way.\nThis course aims to help offensive practitioners successfully exercise their client environments from a multi-faceted approach using the latest TTPs blended with esoteric practices to gain the upper hand on your assessments.
URL:https://www.blackhillsinfosec.com/event/enterprise-attack-initial-access-w-steve-borosh-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/Enterprise-Attack-Initial-Access.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220822T230850Z
LAST-MODIFIED:20230209T184019Z
UID:10000789-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Breaching the Cloud w/ Beau Bullock
DESCRIPTION:Register: https://www.antisyphontraining.com/breaching-the-cloud-w-beau-bullock/ \nDo you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services\, Microsoft Azure\, and Google Cloud Platform. In this training course\, hacking concepts will be introduced for each of those services. \nThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services\, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization. \nPost-compromise techniques of cloud infrastructure differ from the techniques used in typical on-premise environments. You will learn situational awareness techniques that ultimately will impact how you will escalate privileges in the cloud. With most cloud-based authentication being publicly exposed this presents new and interesting persistence techniques that are non-existent to on-premise environments. With productivity tools like G-Suite and Microsoft 365 many organizations are making their email and other data that is normally protected by a firewall available to remote employees. You will learn how to discover\, pillage\, and exfiltrate data from these services. \nMany organizations are fully leveraging cloud services for their production infrastructure. This can include web servers\, SQL databases\, storage\, virtual machines\, and more. In this training\, you will learn how to assess and compromise these resources. Some cloud deployments are directly connected to on-premise environments via VPN. This presents an opportunity to pivot access from cloud to on-prem or vice-versa. \nFinally\, in this training\, we will not only be attacking cloud infrastructure but also leveraging it for red team operations. You will learn techniques that leverage cloud services for techniques such as phishing\, domain fronting\, and command & control. \nTools and techniques used on real-world penetration tests against cloud assets will be shared including hands-on demonstrations. At the end of this training\, you will have new skills for assessing cloud-based infrastructure!
URL:https://www.blackhillsinfosec.com/event/breaching-the-cloud-w-beau-bullock-2/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/BreachingCloud_1920x1080-1-1536x864-1.jpeg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220822T230555Z
LAST-MODIFIED:20230209T183606Z
UID:10000787-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Advanced Network Threat Hunting w/ Chris Brenton
DESCRIPTION:Register: https://www.antisyphontraining.com/advanced-network-threat-hunting-w-chris-brenton/ \nSo far we’ve had over 21\,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course! \nWe will spend most of this class analyzing pcap files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting\, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
URL:https://www.blackhillsinfosec.com/event/advanced-network-threat-hunting-w-chris-brenton/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/Adv-Network-Threat-Hunting-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220822T224537Z
LAST-MODIFIED:20230209T184948Z
UID:10000886-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:How to be Irresistible to Hiring Managers w/ Kip Boyle
DESCRIPTION:Register: https://www.antisyphontraining.com/how-to-be-irresistible-to-hiring-managers/ \nAre you spending hours a day trawling through the online job sites and spending even more time filling out lengthy application forms with nothing to show for it? Something’s not working\, but what could it be? Kip Boyle\, a veteran hiring manager who has personally interviewed hundreds of job applicants as well as hired dozens of successful cybersecurity candidates\, will teach you to think like a hiring manager and bend the hiring process to your advantage. After you taking this class\, you’ll understand how to ace your resume\, crush your interviews\, and negotiate your ideal salary.
URL:https://www.blackhillsinfosec.com/event/how-to-be-irresistible-to-hiring-managers-w-kip-boyle/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/How_to_be_Irresistible_to_Hiring_Managers_.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220628T210910Z
LAST-MODIFIED:20230209T195723Z
UID:10000904-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:Linux Command-Line Dojo w/ Hal Pomeranz
DESCRIPTION:Register: https://www.antisyphontraining.com/linux-command-line-dojo-w-hal-pomeranz/ \nThe DevOps folks are pushing Linux\, your red-team friends are doing serious damage with Linux-based tools\, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you\, but you don’t know where to start. \nThis 16-hour course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home\, so you can continue the learning even after class is over.
URL:https://www.blackhillsinfosec.com/event/linux-command-line-dojo-w-hal-pomeranz/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Linux-Command-Line-Dojo-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230302T090000
DTEND;TZID=America/New_York:20230302T180000
DTSTAMP:20260404T102302
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000850-1677747600-1677780000@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2023-03-02/
LOCATION:PA
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230301T163000
DTEND;TZID=America/New_York:20230301T173000
DTSTAMP:20260404T102302
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000523-1677688200-1677691800@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2023-03-01/
LOCATION:PA
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230301T120000
DTEND;TZID=America/New_York:20230301T160000
DTSTAMP:20260404T102302
CREATED:20220719T221156Z
LAST-MODIFIED:20230209T223825Z
UID:10000690-1677672000-1677686400@www.blackhillsinfosec.com
SUMMARY:Active Defense & Cyber Deception w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/ \nActive Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between. \nIn this class\, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly\, you will find out how to do the above legally. \nThe current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly\, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately\, others may take you a while to implement. Either way\, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers\, attribute who is attacking you\, and finally\, attack the attackers. \nThis class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
URL:https://www.blackhillsinfosec.com/event/active-defense-cyber-deception-w-john-strand/2023-03-01/
LOCATION:PA
CATEGORIES:Pay What You Can,Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/ActDefCybDecept_1920x1080.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230301T110000
DTEND;TZID=America/New_York:20230301T170000
DTSTAMP:20260404T102302
CREATED:20221219T211708Z
LAST-MODIFIED:20221220T163146Z
UID:10000636-1677668400-1677690000@www.blackhillsinfosec.com
SUMMARY:The Most Offensive Con That Ever Offensived Summit
DESCRIPTION:https://zoom.us/j/95879143124
URL:https://www.blackhillsinfosec.com/event/the-most-offensive-con-that-ever-offensived-summit/
LOCATION:PA
CATEGORIES:Conference
END:VEVENT
END:VCALENDAR