Wild West Hackin' Fest - Deadwood 2024: Full Schedule

arrow_back View All Dates

7:30am MDT

Conference Registration

Thursday October 10, 2024 7:30am - 6:00pm MDT

Deadwood Mountain Grand - General Session

Speakers

WWHF Staff

Thursday October 10, 2024 7:30am - 6:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

8:00am MDT

Martial Arts Workout

Thursday October 10, 2024 8:00am - 8:45am MDT

Deadwood Mountain Grand - General Session

It's only a matter of time before there's an attempt to steal your briefcase full of case files. Are you prepared?

The WWHF Agent Training Program will cover fundamental self defense techniques. These include: situational awareness, movement, strikes, and escapes from grabs and attacks. More advanced concepts including ground fighting maybe covered on the second day.

Speakers

Cameron Cartier

Security Analyst, Black Hills Information Security

Cameron Cartier joined Black Hills Information Security in 2023 as a Security Analyst. She specializes in web, mobile, and API hacking but likes all new research areas as well. Cameron received a Masters degree in computer science from the University of Utah and she loves to learn... Read More →

Thursday October 10, 2024 8:00am - 8:45am MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

8:45am MDT

Welcome to Wild West Hackin' Fest

Thursday October 10, 2024 8:45am - 9:00am MDT

Deadwood Mountain Grand - General Session

Thursday October 10, 2024 8:45am - 9:00am MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

9:00am MDT

Dawn of Enlightenment: The Golden Age of Cybersecurity Knowledge and Collaboration

Thursday October 10, 2024 9:00am - 9:50am MDT

Deadwood Mountain Grand - General Session

The landscape of cyber knowledge and resource sharing has evolved dramatically from guarded secrets to open collaboration over the last 20 years."Dawn of Enlightenment: The Golden Age of Cybersecurity Knowledge and Collaboration" will begin by exploring the 'Dark Ages' of cyber education, where access to knowledge was often restricted by financial barriers or hoarded by the 1337. This retrospective will contrast sharply with modern advancements, where 'dawn broke'. Five, fundamentally distinct, use cases will be presented that highlight the seismic shift in how cybersecurity knowledge is accessed and shared today.As we look to the future, this talk will not only educate and entertain but also inspire. Every attendee will be equipped with a variety of tooling that aligns for different personality types and CHALLENGED to take up the mantle of openness and collaboration, ensuring that the spirit of this new age continues to thrive. Prepare to be inspired, educated, and entertained!

Speakers

Dr. Gerald Auger

Dr. Auger is a 20+ year cybersecurity professional, academic, and author. He has been the cybersecurity architect at MUSC, a multi-billion dollar academic medical center. He has built cybersecurity programs from the ground up, educates as Adjunct Faculty in The Citadel Military College... Read More →

Thursday October 10, 2024 9:00am - 9:50am MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Keynote

10:00am MDT

{JWT}.{Misuse}.&Abuse

Thursday October 10, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 1

JWTs are an incredibly flexible tool that make life easier for developers because they are standardized, widely supported, and include important security features by default. However, like any powerful tool, JWTs can be dangerous when used incorrectly, or for unintended purposes. In this talk, I aim to shine a light on common JWT misuse and abuse. I'll start by briefly describing JWTs and common use cases for them. I'll then present real world scenarios of misuse and abuse from applications that I've tested as a consultant, and written as an engineer. As I present each scenario, I'll demonstrate the various features and failures live, and discuss how the specific implementation of JWTs can be hardened. The end result will be an enlightening and entertaining presentation of information and experience that will provide the viewer with a practical knowledge of how, and how not, to use JWTs.

Speakers

Tim Tomes

Application Security Engineer with extensive experience in the information technology and security industries. Experience ranges from software development to full-scope penetration testing (red teaming) as both a technician and leader for both the United States Military and private... Read More →

Thursday October 10, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

10:00am MDT

Tackling the AI Spin Cycle: A Briefing on AI Governance, Laws, and Tools

Thursday October 10, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 2

This presentation titled "Tackling the AI Spin Cycle: A Briefing on AI Governance, Laws, and Tools" will introduce the conference attendee to the complex landscape of artificial intelligence (AI) governance and regulation. As AI technologies continue to evolve rapidly, it has become increasingly important to establish robust frameworks to ensure ethical and responsible deployment.
Everything is Piling Up! We will explore the mess of AI governance, including legal, ethical, and technical considerations. We will navigate through the spin cycle of existing laws and regulations governing AI, highlighting both their strengths and limitations in addressing the unique challenges posed by AI applications.
We'll sort the delicates from the heavy duty by looking at emerging tools and methodologies designed to facilitate effective AI governance, including transparency mechanisms, accountability frameworks, and ethical AI guidelines.
By providing insights into the current state of AI governance and offering practical guidance on navigating this evolving landscape, this presentation aims to sort through the mess and give the conference attendee of feeling comfortable in their own clothes by understanding AI governance better.

Speakers

Kelli Tarala

Kelli Tarala is a cybersecurity consultant, author, and speaker. She is the founder of Enclave Security and Auditscripts.com, and currently enjoys Governance, Risk, Compliance, and Privacy consulting at Black Hills Information Security.As an industry-recognized subject matter expert... Read More →

Thursday October 10, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

10:00am MDT

Playing the game of tag with modern day AV and EDRs: A guide to evading the watchdogs.

Thursday October 10, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

The perpetual race to safeguard and secure our infrastructures have given birth to robust defensive mechanisms, such as antiviruses (AV), Endpoint Detection and Response (EDRs), and Extended detection and response (XDR) just to name a few. Over the years the detection methodologies employed by them have evolved. From the very basic string and hash matching techniques, defensive mechanisms have enhanced their capabilities by employing machine learning, in memory scanning and other sophisticated techniques. From the perspective of a maldev, developing a malware is considerably easier as compared to evading it.
In this talk we will discuss various techniques employed by maldevs to circumvent detection measure implemented by modern day AVs and EDRs. This talk will solely focus on the Windows ecosystem. We will discuss the nitty gritties of the Windows OS, followed by various detection techniques implemented by AVs and EDRs. After understanding the detection methods we will shift our focus on various techniques that can be implemented to bypass aforementioned detection techniques. Some techniques included are Unhooking, BlockDLL, Repatching, API Hashing, ETW and AMSI patching etc.
In order to better understand the concepts discussed, we present real life PoCs. These PoCs will showcase the discussed evasion techniques on a popular red teaming tool (Juicy Potato). Furthermore these PoCs will showcase the exact detection methods and how we were able to bypass them to gain access.

Speakers

Aryan Jogia

Aryan is a security researcher with over 3+ years of experience. He’s a full time maldev and loves to evade AV and EDRs. His research interests are not just limited to Windows, but he even develops low level code for *nix systems. Even though his expertise lies in the domain of... Read More →

Chetanya Kunndra

Chetanya Kunndra is a security researcher with over 2+ years of experience. His major area of expertise lies within the domain of pentesting and red teaming. Apart from red teaming, he has a knack for developing automation toolkits. He often dabbles with maldev and reverse engineering... Read More →

Thursday October 10, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

10:00am MDT

BHIS Content and Community Meetup

Thursday October 10, 2024 10:00am - 12:00pm MDT

Martin Mason Hotel

We would love the opportunity to meet the community. Join Deb, Zach, and Jason from the BHIS and Antisyphon webcasts, and part of the Content & Community team, at Wild West Hackin' Fest. We love getting to meet you. We've talked AT you through the webcasts, now we want to talk WITH you in person. So, if you're available and want to come meet others from Discord, LinkedIn, and all the other places the community gathers, then this is a great opportunity for us to all get to know each other and become friends!

Martin Mason Hotel Ballroom, 33 Deadwood St., Deadwood

Thursday October 10, 2024 10:00am - 12:00pm MDT
Martin Mason Hotel 33 Deadwood St, Deadwood, SD 57732, USA

10:00am MDT

Wrangling Identity in the AWS Cloud with your DevSecOps Lasso

Thursday October 10, 2024 10:00am - 12:00pm MDT

Homestake Adams Research and Cultural Center - Second Floor

One of the most important foundations in cloud is identity and access management. Striking the right balance of velocity, guardrails, and acceptable risk is incredibly challenging. Fortunately it’s easy to close those gaps with open source tooling and cloud provider tools. In this workshop we’ll explore CI/CD workflows, IAM Policy creation, and continuous auditing for the AWS Cloud. Attendees will leave the workshop with a firm understanding of how to integrate AWS with Github actions, AWS Codebuild, Codepipeline, and more. Don’t miss this session with Antisyphon instructor Andrew Krug. Attendees should bring a laptop with any modern Linux virtual machine or MacOS.

Speakers

Andrew Krug

Andrew Krug is a Security Geek specializing in Cloud and Identity and Access Management. Krug brings 15 years experience at the intersection of security, education, and systems administration. As a fierce advocate for Open Source and founder of ThreatResponse tool suite, Andrew has... Read More →

Thursday October 10, 2024 10:00am - 12:00pm MDT
Homestake Adams Research and Cultural Center - Second Floor 150 Sherman St, Deadwood, SD 57732, USA

HARCC - Second Floor, Workshop

10:00am MDT

Practical Soldering

Thursday October 10, 2024 10:00am - 12:00pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Are you interested in learning how to solder? Well you are in luck! This year Rick Wisser and Dave Fletcher from BHIS have put together a soldering workshop where you can get some hands on experience soldering on a working project. Rick and Dave have had several years of experience related to all types of soldering related to contract manufacturing of printed circuit boards. The goal of the workshop is to get you familiar with soldering and how to avoid common mistakes in solder techniques. Rick and Dave will share proper techniques, tips, and pointers that simplifies the manual soldering process.

Speakers

Dave Fletcher

David Fletcher has been working for Black Hills Information Security (BHIS) as a Security Analyst since 2015. He has spent most of his career working for the US Air Force and engaged in a variety of disciplines within the IT industry including boundary defense, web and application... Read More →

Rick Wisser

Rick Wisser has been with the Black Hills Information Security (BHIS) team since 2015. He is a Security Analyst, GIAC Certified Incident Handler (GCIH), and a SANS NetWars Level 5 certificate holder. Rick has an associate degree in Electronic Technology and Computer Networking as... Read More →

Thursday October 10, 2024 10:00am - 12:00pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, Workshop

10:00am MDT

Spearphish General Store

Thursday October 10, 2024 10:00am - 6:00pm MDT

Deadwood Mountain Grand - General Session

Thursday October 10, 2024 10:00am - 6:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

10:00am MDT

Sponsor Exhibits

Thursday October 10, 2024 10:00am - 6:00pm MDT

Deadwood Mountain Grand - General Session

Thursday October 10, 2024 10:00am - 6:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Sponsors

10:00am MDT

Hands-on-Labs

Thursday October 10, 2024 10:00am - 6:00pm MDT

Deadwood Mountain Grand - Main Stage

Thursday October 10, 2024 10:00am - 6:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

Main Stage, Fun and Games

10:00am MDT

MetaCTF

Thursday October 10, 2024 10:00am - 6:00pm MDT

Deadwood Mountain Grand - Main Stage

Thursday October 10, 2024 10:00am - 6:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

Main Stage, Fun and Games

10:00am MDT

ProCircular Escape Room - Sponsored by Gravwell

Thursday October 10, 2024 10:00am - 6:15pm MDT

Deadwood Mountain Grand - Hotel Lobby 3rd Floor

Step into the shoes of a cybersecurity professional in the form of a cyber escape room experience. In this interactive session, you and your team will face a simulated crisis: A cyber attacker, has breached your company's defenses and is stealing sensitive data. Your mission? Work together to uncover the hacker's username and password, track down the stolen files, and identify the type of information that has been compromised.

This scenario challenges participants to think critically and collaborate effectively. A mysterious briefcase, filled with cryptic clues and hidden messages, has been left behind by the attacker. To thwart the hacker's plans, you'll need to decipher the clues, recognize phishing attempts, and classify the compromised data. As you progress, you’ll learn cybersecurity skills, such as creating strong passwords, cryptography basics, phishing email identification, and data classification skills, while racing against the clock to secure your company’s most valuable assets.

Can your team outsmart the hacker and prevent a data breach? Join us in the ProCircular Cyber Escape Room to find out!

Speakers

Brandon Potter

CTO, ProCircular

With over 20 years of experience in Information Technology, including 14 years in cybersecurity, Brandon brings a wealth of knowledge and a dynamic approach to the industry. He excels at forging strong partnerships with clients, understanding their unique business objectives, and... Read More →

Sponsors

Gravwell

Get the best out of your data, even the binary kind. Our built-from-scratch modern solution offers unrestricted data ingest and powerful root cause analysis. Cut through the cybersecurity noise with half the compute power. Ideal for from SOC Analysts to CISOs and even IT heroes who... Read More →

Thursday October 10, 2024 10:00am - 6:15pm MDT
Deadwood Mountain Grand - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

DMG Hotel Lobby 3rd Floor, Fun and Games

11:00am MDT

Digital Doppelgängers: The Dual Faces of Deepfake Technology

Thursday October 10, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Track 1

In society, evolving artificial intelligence leverages cutting-edge technology to create synthetic text, audio, and video clips at a concerning rate. These emerging innovations pose significant threats to organizations' cybersecurity protocols and defenses. This presentation examines the multifaceted nature of deepfakes, offering insights into their creation and detection, what organizations need to do to educate their users, and the technology available to protect against these latest strains of social engineering attacks.

Speakers

James McQuiggan

Security Awareness Advocate, KnowBe4

James McQuiggan has over 20 years of experience in cybersecurity and is currently Security Awareness Advocate for KnowBe4, where he is responsible for amplifying the organization’s messaging related to the importance of, effectiveness of and the need for new-school security awareness... Read More →

Thursday October 10, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

11:00am MDT

I didn't waste my life gaming - I learned cyber security

Thursday October 10, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Track 2

This presentation offers an exploration into the origins, innovations, and implications of hacking in the gaming industry. In a virtual world where pixels and code meet human creativity, video games have taken off in popularity within the last 70 years. Beginning with a look at the rudimentary hacks of early classics, we will explore how the earliest video game hacks shaped the future of gaming and cybersecurity. From memory manipulation and code injection using tools like GameShark and Cheat Engine, to the creative exploitation of glitches and zero day discoveries such as Log4Shell, video games have always been a target for manipulation aimed at gaining an unfair advantage. There have been notable video game hacks that have impacted security as a whole, and these could continue to get more severe as more complex technology emerges with the rise of virtual reality. This journey will walk through the evolution and predictions for what video game and virtual reality hacking could mean for the future of security. By examining the intersection of video gaming and security, this can offer insights that are relevant to practitioners, researchers, and gamers alike.

Speakers

Jenna Lawrence

Jenna Lawrence is a Security Engineer at L2 Cyber Solutions based in Denver, Colorado. Most of her day-to-day work is consulting on a government contract with a focus on maintaining security related documentation and managing vulnerabilities in the organization. Previously, she was... Read More →

Samantha Peters

Samantha Peters is an industry professional and Army veteran currently working full time as an enterprise penetration tester. I've always had a natural curiosity and stubbornness which led to a lot of late nights trying to understand why and how video games and their exploits worked... Read More →

Thursday October 10, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

11:00am MDT

Designing Active Directory Job Functional Security - One Group for Least Privilege

Thursday October 10, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Hotel Lobby 3rd Floor

Speakers

Kent Ickler

Antisyphon Training

Kent started his Information Technology career working for an Internet Service Provider supporting the MidWest’s broadband initiatives of the early 2000s. His interest in technology and business operations drove his career into working for multiple Fortune 500 companies and equipping... Read More →

Thursday October 10, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

12:00pm MDT

Lunch

Thursday October 10, 2024 12:00pm - 1:00pm MDT

Deadwood Mountain Grand - General Session

Thursday October 10, 2024 12:00pm - 1:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Lunch

12:30pm MDT

Book Signing

Thursday October 10, 2024 12:30pm - 1:00pm MDT

Deadwood Mountain Grand - General Session

Join us for an exclusive book signing with Mishaal Khan, the co-author of “The Phantom CISO”. Meet the author, bring your copy or grab one on-site, and enjoy the chance to chat with him all week long!

Speakers

Mishaal Khan

Mishaal is a highly respected figure in cybersecurity, with expertise in ethical hacking, Open Source Intelligence (OSINT), social engineering, and privacy. Mishaal's engaging approach involves live demos, making cybersecurity accessible and enjoyable, while his strength lies in rapidly... Read More →

Thursday October 10, 2024 12:30pm - 1:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

12:30pm MDT

CTF 101 – How to Play and Win

Thursday October 10, 2024 12:30pm - 1:00pm MDT

Deadwood Mountain Grand - Main Stage

Capture the Flag (CTF) competitions offer a great way to acquire new technical skills while having fun and meeting new people. If you have never participated in a CTF event before, it can feel intimidating to try. This quick talk will walk you through the different types of cybersecurity competitions and go over jeopardy-style CTFs. You will learn what skills are needed to participate, how to approach the challenges, and what are some of the common tools you may want to be familiar with. We will go over a few example CTF challenges as a group. We hope that you walk away not only with some new security skills but also the confidence to participate in a CTF on your own.

Speakers

Roman Bohuk

MetaCTF

Roman Bohuk is the co-founder and CEO of MetaCTF, a cybersecurity training company. Since 2014, his team has run over 250 cybersecurity competitions for various universities, Fortune 500 companies, and conferences, including the 2023 International Cybersecurity Challenge and the 2023... Read More →

Thursday October 10, 2024 12:30pm - 1:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

1:00pm MDT

Unlocking Physical Security: 3D Printing Your Way Inside

Thursday October 10, 2024 1:00pm - 1:15pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Every hacker wants more cool stuff and many of us have a 3D printer gathering dust in the corner. In my presentation "Unlocking Physical Security: 3D Printing Your Way Inside." I will inspire the audience to buy more filament and start preheating their print beds to extrude a collection of valuable physical security tools (both offensive and defensive). This talk goes over a handful of original (never before seen) designs, 3D-printable versions of existing tools, explains how to use each tool with demonstration videos, offers practical advice to those who want to 3D print their own physical security tools, and shows the audience where they can find my models and others to print.

Speakers

Noah Pack

Noah Pack is a penetration tester at WebCheck Security with 10+ years of experience in 3D printing and CAD. Noah owns and operates JPID Engineering, a 3D printing and consulting business. He has hundreds of downloads of his CAD models from websites like Printables, Thingiverse, and... Read More →

Thursday October 10, 2024 1:00pm - 1:15pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

1:00pm MDT

Gravwell CE for Logs: The Truth Is In There

Thursday October 10, 2024 1:00pm - 1:30pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Whether you're experimenting in your homelab or building "Management Pacification Dashboards" for work, logs are crucial.

Join Gravwell founder Corey Thuen as he uses the Gravwell CE (free 15gb/day for personal OR commercial use) to teach basic log correlation, plus a bit of advanced techniques to show the "art of the possible".

Speakers

Corey Thuen

Gravwell Co Founder & CEO, Gravwell

Corey Thuen co-founded Gravwell to enable log management of every data type an organization might need for success -- analyzing binary packets alongside syslog with a dash of business KPIs enables analytics that improve the entire organization, not just reduce security risk.Prior... Read More →

Thursday October 10, 2024 1:00pm - 1:30pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

1:00pm MDT

EDR Internals for macOS and Linux

Thursday October 10, 2024 1:00pm - 1:50pm MDT

Deadwood Mountain Grand - Track 1

Endpoint Detection and Response (EDR) agents typically comprise multiple sensory components that collect information from various telemetry sources the operating system provides. Many public blogs and conference talks have covered Windows telemetry sources, such as kernel callbacks and ETW, but only some mention macOS and Linux equivalents.

Developers using macOS often have privileged cloud accounts or access to intellectual property such as source code. Linux servers may host customer-facing interfaces or applications that access sensitive databases. Defenders must have confidence in their tools for these systems, and attackers must understand how to evade them.

This talk will detail telemetry sources available to EDR on macOS and Linux and compare them to Windows equivalents. The sources commonly used to monitor process creation, shared library loading, networking, and file activity will be described based on the presenter's observations while reverse engineering popular EDR agents.

Speakers

Kyle Avery

Kyle Avery has been interested in computers for his entire life. Growing up, he and his dad self-hosted game servers and ran their own websites. He focused on offensive security in university and has spent the last few years learning about malware and post-exploitation. Kyle previously... Read More →

Thursday October 10, 2024 1:00pm - 1:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

1:00pm MDT

The Hackening: Lessons learned compromising MSPs!

Thursday October 10, 2024 1:00pm - 1:50pm MDT

Deadwood Mountain Grand - Track 2

The security community often criticizes MSPs, claiming they offer lax security, don't take security seriously, and generally implement weak practices. Some presentations even use "fake" MSP breaches as their foundation.
But what if we actually tested this ourselves?
Join Matt Lee and Jason Slagle as they delve into the data and lessons learned from attempts to breach MSPs. We'll review findings from our efforts to assess and breach a sample of 60 MSPs that volunteered for this study.
Will we succeed? Will we be blocked? What commonalities and weaknesses will we uncover? Join us to discover what we learned.

Speakers

Matt Lee

Matt Lee has dedicated the last 13 years to raising the cyber security tide in the SMB, and MSP markets. His efforts have served in every capacity in a growing MSP that grew to support 20,000 endpoints. His leadership around technology direction, and security/compliance, protected... Read More →

Jason Slagle

Jason Slagle is a many year veteran of systems and network administration. Having worked on everything from Linux systems to Cisco networks and SAN storage, he is always looking for ways to make his work repeatable and automated. Jason has recently taken up a more active interest... Read More →

Thursday October 10, 2024 1:00pm - 1:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

1:00pm MDT

Level Up OSINT

Thursday October 10, 2024 1:00pm - 3:00pm MDT

Homestake Adams Research and Cultural Center - Second Floor

Dive into the dynamic world of Open Source Intelligence (OSINT) with this two-hour workshop designed to give you a tantalizing taste of practical online investigations and threat hunting. Led by a seasoned professional, this immersive session offers a condensed yet impactful introduction to essential OSINT techniques.

Experience the power of hands-on learning as you engage in live demonstrations, exploring key concepts such as operational security (OpSec), search engine queries, username and phone number lookups, social media reconnaissance, breached records analysis, government data exploration, network reconnaissance, historical records, and essential documentation, all within the span of this engaging workshop. Through interactive exercises and guided discussions, participants will gain a glimpse into the world of OSINT.

Join us for this brief yet immersive journey into the realm of online investigations and threat hunting, and take your first step towards mastering the art of OSINT.

Speakers

Mishaal Khan

Thursday October 10, 2024 1:00pm - 3:00pm MDT
Homestake Adams Research and Cultural Center - Second Floor 150 Sherman St, Deadwood, SD 57732, USA

HARCC - Second Floor, Workshop

1:25pm MDT

Mind Over Malware: Harnessing Psychology to Fortify Cybersecurity

Thursday October 10, 2024 1:25pm - 1:40pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Discover how psychological theories can revolutionize cybersecurity practices! This presentation explores the transformative potential of Attention Restoration Theory (ART) and Social Cognitive Theory (SCT) in enhancing cybersecurity measures. By optimizing work environments to rejuvenate mental focus (ART) and leveraging social influences and self-efficacy to boost security compliance (SCT), let's shed light on strategies that minimize human errors and amplify vigilance. Dive into a session that blends theory with practical solutions, paving the way for a cybersecurity culture that's as robust as user-centric. Get ready to shift from traditional defenses to psychologically empowered cybersecurity tactics!

Speakers

Jenn Ferreras

Jenn, a Malware Threat Hunter who mistakenly took a turn into cybersecurity while chasing a particularly deceptive flamingo image on Twitter. Now deep in the throes of a cybersecurity Ph.D., Jenn explores the peculiar quirks of human behavior in the digital security realm.Before cybersecurity... Read More →

Thursday October 10, 2024 1:25pm - 1:40pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

1:40pm MDT

Jargon

Thursday October 10, 2024 1:40pm - 2:10pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Jargon is a shellcode obfuscation method that substitutes dictionary words in place of shellcode bytes and uses each word's position in a dictionary array to resolve the shellcode bytes at runtime. This provides two benefits - your loader doesn't have any shellcode, and the use of dictionary words reduces the entropy of your loader, sidestepping entropy detections built into some AV & EDR. We've found Jargon to be highly effective in evading detection.

Speakers

Mike Saunders

Principal Consultant, Red Siege

Mike Saunders is Red Siege Information Security’s Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system... Read More →

Thursday October 10, 2024 1:40pm - 2:10pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

1:50pm MDT

Let's Talk Hacking SNMP

Thursday October 10, 2024 1:50pm - 2:05pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Although Simple Network Management Protocol (SNMP) is a critical protocol for system and network administrators, a comprehensive SNMP version 1/2c/3 hacking methodology has not been clearly documented. This presentation will explain how to correctly perform SNMP password attacks, test SNMP read/write permissions, and how to exploit any successful access. A Python wrapper script will be introduced to automate these tedious steps across a large scope of systems especially given Windows's required access to multi-function devices. In addition to describing how to correctly assess SNMP, recommended approaches for mitigation will be stated so that SNMP can be locked down to to only authorized persons.

Speakers

Lucas Hennessy

Lucas Hennessy is a manager at Crowe LLP where he leads the penetration testing services for the financial services industry. He graduated from Purdue University with a Bachelor of Science double major in Cybersecurity and Network Engineering Technology. Having spent two years competing... Read More →

Thursday October 10, 2024 1:50pm - 2:05pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

2:00pm MDT

Red Team Tactics in a DevOps Deployment

Thursday October 10, 2024 2:00pm - 2:50pm MDT

Deadwood Mountain Grand - Track 1

Ever wondered how a red team targets DevOps automation and CI/CD environments? Join us as we provide unique insight into a real-world attack path that ended in a complete compromise of an organizations cloud resources and third-party platforms. In this presentation, we will uncover some red team tradecraft that highlights the difficulty of securing build servers, deployment processes, and source-code repositories. We will look at what was done right, what was done wrong, and how understanding your target environment can lead to bringing down the house of cards without ever stepping onto the internal network. This is a high-paced technical talk that includes initial access, lateral movement, privilege escalation, evasion, and persistence of a CI/CD deployment in the cloud.

Speakers

Mike Felch

Mike Felch (known online as @ustayready) is a red teamer with over 25 years in cybersecurity. Mike works as a Principal Security Consultant at TrustedSec on the Targeted Ops red team where his primary focus is on long-term engagements covering a variety of technology stacks, network... Read More →

Thursday October 10, 2024 2:00pm - 2:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

2:00pm MDT

Hack the Boardroom: Mastering the Art of Communicating Cyber Risks to Secure Funding

Thursday October 10, 2024 2:00pm - 2:50pm MDT

Deadwood Mountain Grand - Track 2

In today’s relentless cybersecurity battlefield, technical teams often find themselves lost in translation when conveying complex risks and vulnerabilities to senior executives and board members. Breaking through this communication barrier is essential for securing the support and funding necessary to drive pivotal cybersecurity initiatives.

Speakers

Jaclyn (Jax) Scott

Jaclyn "Jax" Scott is a distinguished leader within the cybersecurity sector, bringing together nearly 16 years of in-depth experience both from the military and civilian sectors spanning IT and cybersecurity. A key highlight of her career includes critical strategic support to global... Read More →

Thursday October 10, 2024 2:00pm - 2:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

2:00pm MDT

SOC Meet and Greet

Thursday October 10, 2024 2:00pm - 4:00pm MDT

Martin Mason Hotel

**Join Us for the SOC Meet and Greet!**

Ever wondered what it takes to run a successful Security Operations Center (SOC) program? Are you interested in learning how to effectively protect organizations from evolving threats?

Don’t miss the opportunity to connect with experts in the field at our inaugural SOC Meet and Greet! This event is designed for professionals at all levels who want to deepen their understanding of SOC operations and enhance their skills.

Thursday 2 p.m. to 4 p.m. - Martin Mason Ballroom, 33 Deadwood Street, Deadwood

Thursday October 10, 2024 2:00pm - 4:00pm MDT
Martin Mason Hotel 33 Deadwood St, Deadwood, SD 57732, USA

2:15pm MDT

Evil Twin Attack Without WiFi Pineapple

Thursday October 10, 2024 2:15pm - 2:30pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

The goal of the presentation is to showcase how to perform the Evil Twin Attack exploit without the use of a Wifi pineapple as well as to showcase how to bypass randomization of wireless channels on wireless access points

Speakers

Roy Bull

Self-Taught Cyber Security Professional with a background in Software Engineering, IT Technical Support, Security Engineering, and proficiency in Electrical engineering and Reverse Engineering.

Thursday October 10, 2024 2:15pm - 2:30pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

2:20pm MDT

Warhorse

Thursday October 10, 2024 2:20pm - 2:50pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Attack Automation Framework. Existing tool but major rewrite.

Speakers

Ralph May

Ralph is a security analyst and penetration tester at Black Hills Information Security. Ralph is also a co-developer and instructor of the Practical Physical Exploitation course. Before joining BHIS, Ralph spent five years performing offensive operations on a wide range of security... Read More →

Thursday October 10, 2024 2:20pm - 2:50pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

2:40pm MDT

Beyond Blacklists: Security in the Age of AI

Thursday October 10, 2024 2:40pm - 2:55pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

As Artificial Intelligence (AI) and Large Language Models (LLMs) diffuse into everyday business use, these new technologies present novel challenges for IT Staff, Security, Compliance and Development Teams. How can practitioners ensure AI is used securely and follows company and industry guidelines? This session will present an overview of AI usage in the enterprise and how companies can safely control and harness this new power that AI can provide.

Speakers

Feynman Liang

Dr. Feynman Liang is the Chief Technology Officer for Blueteam AI with a PhD from UC Berkeley and 10+ years of AI experience. He develops products which enable businesses to confidently adopt GenAI technologies while continuing to meet their security compliance requirements. As @feynman... Read More →

Thursday October 10, 2024 2:40pm - 2:55pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

3:00pm MDT

RITA

Thursday October 10, 2024 3:00pm - 3:30pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

The open source threat hunting tool RITA has just dropped a new version and it has been completely updated. The backend is 10X faster, it has an ASCII graphical interface based on Charm Bracelet BubbleTea, and the workflow has been optimized so that everything is available through a single screen. In this talk I'll show you how to get RITA up and running and how to use it to find potential command and control channels on your network.

Speakers

Chris Brenton

Antisyphon Training

Chris Brenton, COO of Active Countermeasures, has been a leader in the IT and security industry for over 20 years. He’s a published author of multiple security books and the primary author of the Cloud Security Alliance’s online training material. As a Fellow Instructor, Chris... Read More →

Thursday October 10, 2024 3:00pm - 3:30pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

3:00pm MDT

Offense for Defense

Thursday October 10, 2024 3:00pm - 3:50pm MDT

Deadwood Mountain Grand - Track 1

This presentation focuses on the offensive tools that defenders should running, to identify high-impact security issues on their network. Explore the proactive advantages of offensive security tools that can be quickly and easily be run by defenders to better protect and defend their network. Attendees will learn how offensive security tools enable defenders to stay ahead of potential adversaries, enhancing network resilience and safeguarding against breaches effectively.

Speakers

Tim Medin

Red Siege

Tim is the CEO of Red Siege, a infosec company focusing on pen testing. Tim is a former Senior Instructor and course author (SEC560) at SANS. Through the course of his career, Tim has performed penetration tests on a wide range of organizations and technologies. Tim has gained information... Read More →

Thursday October 10, 2024 3:00pm - 3:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

3:00pm MDT

A Post-Incident Case Study for SMB Response Teams

Thursday October 10, 2024 3:00pm - 3:50pm MDT

Deadwood Mountain Grand - Track 2

This presentation will delve into a real-world cybersecurity incident involving a masked application attack on an SMB environment. Using an anonymized incident narrative, we'll walk through the response process from the perspective of a small to medium-sized business team. The presentation will highlight the importance of early detection, the challenges of identifying sophisticated threats, and the critical role of proper incident response procedures.

We'll examine the attack timeline, from the initial malware download disguised as legitimate software to the attacker's lateral movement and attempts at data exfiltration. Key focus areas will include the significance of user awareness, the value of multi-layered security controls, and the effectiveness of SIEM and endpoint detection solutions in identifying suspicious activities.

The presentation will also cover practical lessons learned, including the importance of least privilege principles, robust password policies, and regular security testing. We'll discuss how SMBs can improve their security posture by implementing these lessons and leveraging available tools and best practices.
By analyzing this incident, attendees will gain valuable insights into real-world attack techniques, effective response strategies, and proactive measures to enhance their organization's cybersecurity resilience. The session will conclude with actionable takeaways for SMBs to better prepare for and respond to similar threats in their own environments.

Speakers

Amanda Berlin

(@infosystir) Amanda Berlin is a Lead Incident Detection Engineer for Blumira and the CEO and owner of the nonprofit corporation Mental Health Hackers. She is the author for a Blue Team best practices book called Defensive Security Handbook: Best Practices for Securing Infrastructure... Read More →

Thursday October 10, 2024 3:00pm - 3:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

3:05pm MDT

Tow Away Zone: The Dark-Side of Domain Parking

Thursday October 10, 2024 3:05pm - 3:20pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Companies or individuals often sit on domains for later use, and can even make a “passive income" off of these unused domains. The monetary incentives of the domain parking system lead to these parked domains becoming littered with malware and potentially putting consumers in danger. This talk is essentially a PSA, and gives an overview of the phenomenon including stakeholder analysis, perverse incentives, and why you might want to reconsider parking your domains.

Speakers

Cameron Cartier

Security Analyst, Black Hills Information Security

Thursday October 10, 2024 3:05pm - 3:20pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

3:15pm MDT

A Hacker's Guide to Mindfulness

Thursday October 10, 2024 3:15pm - 5:15pm MDT

Homestake Adams Research and Cultural Center - Second Floor

"A Hacker's Guide to Mindfulness" aims to explore the intersection of mindfulness practices and the hacker mindset. Hacker’s are already uniquely trained to question assumptions and just “see what happens”; this is the core curiosity needed to unlock the cheat codes in life via various mindfulness practices.

This workshop will give attendees an introduction to a large amount of mindfulness practices relating them to things most of us do every day in our infosec jobs. We won't just talk about these techniques, we will go through these exercises so the attendees can do them at least once together and have a solid starting point to expand their practice after the workshop.

Workshop topics:
* Core Programming: Understanding how our beliefs were programmed into us at an early age and what we can and should do about that.
* Limiting Beliefs: Identifying and overcoming limiting beliefs that hinder personal and professional growth.
* Brules (Bullshit Rules): Examining and challenging societal and industry norms that may be limiting or outdated.
* Meditation: Exploring different meditation practices and their benefits for mental clarity, stress reduction, and improved focus.
* Breathwork: Techniques for using breathwork to manage stress, increase energy levels, and enhance mindfulness.
* Burnout: Strategies for preventing and recovering from burnout in the fast-paced world of hacking and programming.
* Distraction: Techniques for minimizing distractions and increasing productivity in coding and problem-solving tasks.
* Life Purpose: exploring who am I?, where am I going? and a different approach to goal setting
* Spiritual DevOps: Applying principles of DevOps to spiritual growth, including continuous improvement and collaboration.

Speakers

Chris Gates

Thursday October 10, 2024 3:15pm - 5:15pm MDT
Homestake Adams Research and Cultural Center - Second Floor 150 Sherman St, Deadwood, SD 57732, USA

HARCC - Second Floor, Workshop

3:30pm MDT

Lessions Learned in a Year of Social Engineering

Thursday October 10, 2024 3:30pm - 3:45pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Many organizations current policies and controls allow for their helpdesks to reset users passwords and multi-factor authentication, which makes those helpdesks a prime target for social engineering attacks such as those demonstrated in the past by threat actors like the ALPHV/BlackCat ransomware groups. This talk will cover common tactics successfully used by threat actors, and emulated by BHIS's ANTISOC team, as well as policies and procedures that can help deter such attacks.

Speakers

Alice Thorne

Alice is a security analyst on the ANTISOC team for Black Hills Information Security, where she has found success and enjoyment in social engineering.Prior to working at Black Hills Information Security, Alice did stuff and things, where she made memories and had experiences.Outside... Read More →

Thursday October 10, 2024 3:30pm - 3:45pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

3:40pm MDT

Adam and Eve

Thursday October 10, 2024 3:40pm - 4:10pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Adam and Eve is a Remote Access Tool, socket (and HTTP) server used to interact with Active Directory Environments across the Internet via a Flask API. It is modular so custom commands, as well as custom scripts can be uploaded and invoked on a client machine in real time.

Speakers

Darryl Baker

Darryl G. Baker, CISSP, CEH is a cybersecurity consultant for Trimarc, LLC and is a "Swiss Army Knife" of technology. After serving in the U.S. Army for 10 years, he shifted his focus primarily to technology and cybersecurity. He has published multiple whitepapers, as well as webcasts... Read More →

Thursday October 10, 2024 3:40pm - 4:10pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

3:55pm MDT

Getting Started in Entra ID Security

Thursday October 10, 2024 3:55pm - 4:10pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Speakers

Jonathan Rogers

Jonathan Rogers is a lifelong nerd with a never ending curiosity and a passion to know how things work. He loves helping others learn more about cybersecurity and helping them secure their companies. He's the father to an amazing wife and awesome son. As his day job he works as a... Read More →

Thursday October 10, 2024 3:55pm - 4:10pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

4:00pm MDT

The Art of Lurking: Effective C2 Channels

Thursday October 10, 2024 4:00pm - 4:50pm MDT

Deadwood Mountain Grand - Track 1

Lurking means to wait or move in a secret way so that you cannot be seen. On a red team or assumed breach operation, our success hinges on how our implants communicate with us. The way these communications happen - how fast, how often, and how much data is exchanged - is key to realistically mimicking cyber attackers. In this talk, I'll break down the essentials of choosing a Command and Control (C2) channel and share some clever tactics and commonly used services that help us stay under the radar and gain the upper hand in our target's environment. Get ready for a behind-the-scenes look at the stealthy side of cybersecurity.

Speakers

Corey Overstreet

Senior Security Consultant, Red Siege

Corey has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare and is widely recognized for his in-depth OSINT talks and workshops. Additionally, he is a Black Hat trainer and has spoken at conferences... Read More →

Thursday October 10, 2024 4:00pm - 4:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

4:00pm MDT

Critical Infrastructure in Critical Condition: Avoiding Doubt in the Face of Fear and Uncertainty

Thursday October 10, 2024 4:00pm - 4:50pm MDT

Deadwood Mountain Grand - Track 2

As a “person of a certain age, with certain experiences”, I can attest that life is fraught with uncertainty. Society is increasingly dependent on undependable technology. (This is, after all, why we all have jobs.) Whether from extreme weather, hostile events, squirrels with poor judgment, or from the random chaos of normal life, disruptions seem increasingly frequent. Incidents are also likely to be more complex, with more chaotic effects. Without electricity for power, communications can be disrupted. Without water, medical care becomes virtually impossible very quickly. The potential effects have gone beyond inconvenient to existential.

Adding fear to uncertainty, China has announced its intention to annex Taiwan by 2027. US cybersecurity leadership has testified that a Chinese hacking group known as Volt Typhoon has been conducting campaigns to pre-position malware in US water infrastructure. The goal of these campaigns is to create a credible threat (disruption of the water supply, with predictable consequences) to the US in support of its annexation of Taiwan.

As civic-minded members of the cybersecurity community, how can we respond to these threats in ways that will avoid encouraging doubt and will inspire confidence in the communities and neighborhoods in which we live? I hope that you will leave this talk better informed, and inspired to do at least one thing in your neighborhood and community that will influence others to do the same

Speakers

Ray Davidson

Ray Davidson recently retired from leading the Michigan Cyber Civilian Corps, which was the first state-sponsored team of civilian incident responders in the country. He is currently working to expand the practice of cyber civil defense across the country, with particular attention... Read More →

Thursday October 10, 2024 4:00pm - 4:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

4:20pm MDT

Still living with AD(H)D in Infosec

Thursday October 10, 2024 4:20pm - 4:45pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

I’ve been in Infosec for almost 20 years. I also have AD(H)D. This talk is my story; how I kept feeling something was off until diagnosed 5 years ago, what impact ADHD and being diagnosed had on my life and why one should always confront realities and get the best out of it.I'll also talk about what I learned since last year and the talk I did at WWHF 2023 and about which advantages me and others with a similar diagnose has that makes them unique and helped them accomplish great things in life.An important learning for me since I started talking about neurodiversity is that there is an overrepresentation of mental diagnoses in infosec. This is my attempt to educate, break down taboos and inspire others to learn about themselves and others and hopefully get a better life.

Speakers

Klaus Agnoletti

Klaus Agnoletti has been an all-round infosec professional since 2004. As a long-time active member of the infosec community in Copenhagen, Denmark, he co-founded BSides København in 2019. Currently he's a freelance storytelling cyber security advisor specializing in security transformation... Read More →

Thursday October 10, 2024 4:20pm - 4:45pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, 15 Miinute Talks

4:20pm MDT

PowerPug

Thursday October 10, 2024 4:20pm - 4:50pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Speakers

Jake Hildreth

Jake Hildreth is a man of many roles - a devoted husband, a fun-loving dad, and a seasoned IT expert. With over twenty years entrenched in the world of technology, he serves as a trusted Senior Security Consultant at Trimarc, leading Trimarc's Active Directory (AD) Security Assessment... Read More →

Thursday October 10, 2024 4:20pm - 4:50pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

5:00pm MDT

DarkWidow

Thursday October 10, 2024 5:00pm - 5:30pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

This is a Dropper/Post-Exploitation Tool targeting Windows machine.

The capabilities it possesses are:
1. Indirect Dynamic Syscall
2. SSN + Syscall address sorting via Modified TartarusGate approach
3. Remote Process Injection via APC Early Bird (MITRE ATT&CK TTP: T1055.004)
4. Spawns a sacrificial Process as the target process
5. ACG(Arbitrary Code Guard)/BlockDll mitigation policy on spawned process
6. PPID spoofing (MITRE ATT&CK TTP: T1134.004)
7. Api resolving from TIB (Directly via offset (from TIB) -> TEB -> PEB -> resolve Nt Api) (MITRE ATT&CK TTP: T1106)
8. Cursed Nt API hashing
9. If blessed with Admin privilege:
Disables Event Log via killing all threads of svchost.exe, i.e. killing the whole process (responsible svchost.exe)

Version 2 is upcoming!
Will be released at BlackHat Asia 2024 at 18th of April, 2024, which has Synthetic Frame Thread Stack Spoofing version enabled.

And in the End, I will showcase my tool demo video which would perform a successful Execution of payload and provide Crystal clear Event Log against Sophos XDR enabled Environment.

Speakers

Soumyanil Biswas

Currently into Security Research. Though I have an electronics background, I have an immense interest in information security. Former Speaker BSides Singapore 2023. Black Hat Asia 2024 Presenter.I'm learning new stuff day in and day out. I'm passionate about offensive security more... Read More →

Thursday October 10, 2024 5:00pm - 5:30pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

5:00pm MDT

When I Grow Up, I Wanna Be a Script Kiddie

Thursday October 10, 2024 5:00pm - 5:50pm MDT

Deadwood Mountain Grand - Track 1

Meterpreter session 1 opened! ... "Wait, you're using Metasploit? Pfft, why didn't you write your own custom implant-loader-beacon-shellcode-dropper-payload, you n00b!?! Skill issue, RTFM and git gud." Ah, to tool or not to tool, that is... a question. Whether you're rocking some l33t Arch Linux RICE to write your own custom kernel and C2 framework, or you're hacking with someone else's PowerShell script: join John Hammond for a slap in the face presentation on why your righteous tooling doesn't matter. We'll dig into the good, the bad, and the ugly -- vim or nano? Python or Rust? Who cares... but let's ask why it is up for debate in the first place. Filled to the brim with imposter syndrome, breaking down the gates from gatekeepers, this session is a comedy farce that you've got to `git checkout`. Ya stinkin' script kiddie.

Speakers

John Hammond

John Hammond is a cybersecurity researcher, educator and content creator. As part of the Research & Development Threat Operations team at Huntress, John spends his days analyzing malware and making hackers earn their access. Previously, as a Department of Defense Cyber Training Academy... Read More →

Thursday October 10, 2024 5:00pm - 5:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

5:00pm MDT

Counter-Terrorism with Strings

Thursday October 10, 2024 5:00pm - 5:50pm MDT

Deadwood Mountain Grand - Track 2

Several real-world case studies will be presented in which analysis of network-based evidence was sufficiently done with nothing more sophisticated than 'strings'.

Speakers

Jonathan Ham

Jonathan Ham is an anthropologist who was academically kidnapped in 1992 and forced into cybersecurity by well-meaning college friends. He was made to learn TCP/IP at the bit-level of protocol structures, and to learn to fight evil at all 7 layers of the OSI model. From the ashes... Read More →

Thursday October 10, 2024 5:00pm - 5:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

6:00pm MDT

Chuckwagon Steak Dinner

Thursday October 10, 2024 6:00pm - 8:00pm MDT

Deadwood Mountain Grand - General Session

Your dinner is prepared by the renowned chuck wagon cooking duo, Clayton and Rhonda Sanders.
Steak- Locally grown ball tip sirloin beef steak
Sides- Clayton’s secret recipe; slow-cooked baked beans. Dutch oven sides include fresh sliced fire-fried potatoes with bacon, onion, bell peppers, and seasonings.

Thursday October 10, 2024 6:00pm - 8:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Dinner

6:15pm MDT

Trivia

Thursday October 10, 2024 6:15pm - 6:45pm MDT

Deadwood Mountain Grand - General Session

Speakers

The Traveler

Thursday October 10, 2024 6:15pm - 6:45pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

7:00pm MDT

A Knight of Chess

Thursday October 10, 2024 7:00pm - 9:00pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Thursday October 10, 2024 7:00pm - 9:00pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, Fun and Games

7:00pm MDT

Old Time Photos

Thursday October 10, 2024 7:00pm - 10:00pm MDT

Deadwood Mountain Grand - Track 2

Thursday October 10, 2024 7:00pm - 10:00pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, Fun and Games

7:30pm MDT

Calf Roping and Stick Horse Rodeo

Thursday October 10, 2024 7:30pm - 9:30pm MDT

Deadwood Mountain Grand - General Session

Don't miss the opportunity to learn from, compete with and chew the fat with Wild West Hackin' Fest very own Cowboy! Cowboy Carl (aka: John's uncle) will teach you the best techniques for calf roping.

While you are at it, bring you best barrel racing move and compete in the first annual WWHF Stick Rodeo.

These events are sure to keep you grinning!

Speakers

Cowboy Carl

Join us for an unforgettable experience with Cowboy Carl at the Wild West Hackin' Fest! Hailing from the ranches of Northern South Dakota, Carl brings his authentic cowboy charm and humor to the event. Whether he's sharing tales from the trail or offering insights from his daily ranch... Read More →

Thursday October 10, 2024 7:30pm - 9:30pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

8:00pm MDT

Lockpicking Gun Fight

Thursday October 10, 2024 8:00pm - 9:00pm MDT

Deadwood Mountain Grand - General Sesson

Speakers

Jonathan Ham

Thursday October 10, 2024 8:00pm - 9:00pm MDT
Deadwood Mountain Grand - General Sesson 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

8:00pm MDT

Whose Slide is it?

Thursday October 10, 2024 8:00pm - 9:00pm MDT

Deadwood Mountain Grand - Main Stage

Speakers

Rand-O

Thursday October 10, 2024 8:00pm - 9:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

Main Stage, Fun and Games