Cyber Threat Hunting Training – May Session (4-Hours)

Tuesday, May 12th, 12pm – 4pm EST

Chris Brenton from Active Countermeasures is conducting a free, one-day, Cyber Threat Hunting Training online course.

This will be a live online course with Q&A available.

One of the biggest challenges in security today is identifying when our protection tools have failed and a threat actor has made it onto our network.

In this free, one-day course, we will cover how to leverage network data to perform a cyber threat hunt.

The focus will be on processes and techniques that can be used to protect:

  • Desktops
  • Servers
  • Network gear
  • IIoT
  • BYOD system

The course includes hands-on labs using packet captures of various command and control channels.

The labs will enable you to apply what you’ve learned using various open-source tools.

By the end of the course, you’ll understand the tools and techniques needed to perform compromise assessments within your own environment. While the course will be available later for download, live attendees will receive a “Cyber Security Threat Hunter Level-1” certificate.

What’s the catch? There is none. Except, we will email you about future threat hunting webcasts and blogs unless you’d like to unsubscribe at anytime.

Why are we doing it? Cyber threat hunting is a relatively new discipline. As an industry, we are still formulating standards and procedures. We want to do our part by giving back to the security community. We are hoping that by sharing what we’ve learned we can help spark new ideas and threat hunting tools. Let’s build a community and solve these problems together. 

Join the BHIS Discord Channel to discuss the training live with the other training attendees:

Linux Forensics w/ Hal Pomeranz (4 Sessions – 4 Hour Classes)

4 Sessions:

Instructor: Hal Pomeranz

Includes: Live presentation, PDF with slides and author notes, VMware virtual machine containing lab exercises and sample forensic images, Course certificate.

Linux is everywhere– running in the cloud, on cell phones, and in embedded devices that make up the “Internet of Things”. Often neglected by their owners, vulnerable Linux systems are low-hanging fruit for attackers wishing to create powerful botnets or mine cryptocurrencies. Ransomware type attacks may target Linux-based database systems and other important infrastructure.

As attacks against Linux become more and more common, there is an increasing demand for skilled Linux investigators. But even experienced forensics professionals may lack sufficient background to properly conduct Linux investigations. Linux is its own particular religion and requires dedicated study and practice to become comfortable.

This two-day, hands-on course is a quick start into the world of Linux forensics. Learn how to use memory forensics to rapidly triage systems and spot attacker malware and rootkits. Learn where the most critical on-disk artifacts live and how they can help further an investigation. Rapidly process Linux logs and build a clearer picture of what happened on the system.


  • Acquiring and analyzing Linux memory
  • Accessing complex Linux disk geometries
  • Rapid triage for key Linux artifacts
  • Linux log analysis


  • Experienced forensic professionals wanting to expand their Linux knowledge
  • SOC analysts needing a stronger grounding in Linux
  • Administrators/developers defending Linux infrastructures


This course is an introduction to Linux forensics, but not an introduction to forensics. The course assumes at least some knowledge of digital forensic methods, such as evidence acquisition. This course is heavily command-line driven, so basic familiarity with the Linux command-line is helpful.


  • High-speed Internet access
  • A BitTorrent client for downloading course materials (e.g., Transmission
  • A computer with at least 150GB of free space and capable of running a 64-bit VMware virtual machine using 4GB of RAM


A properly configured computer and natural curiosity!


Students will receive course slides and author notes, lab exercises and virtual machine, and sample forensic images. This material can be downloaded Here.


Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft to employee sabotage, to organized cybercrime and malicious software infrastructures. He has spent more than thirty years providing pragmatic Information Technology and Security solutions for some of the world’s largest commercial, government, and academic institutions.

Join the Wild West Hackin’ Fest Discord server to stay updated on future trainings and webcasts:

Breaching the Cloud Perimeter Training w/ Labs – May Session (4-Hours)

Thursday, May 28th, 12pm – 5pm EST

Do you want to level up your cloud penetration testing skills?

The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this free 4-hour workshop, hacking concepts will be introduced for each of those services. Learn how to perform reconnaissance against cloud assets and identify common vulnerabilities that lead to compromise of an organization. Tools and techniques used on real-world penetration tests against cloud assets will be shared including hands-on demonstrations.

You will leave this workshop with new skills for assessing cloud-based infrastructure!

Join the BHIS Discord Channel to discuss the training live with the other training attendees: