Wild West Hackin' Fest - Deadwood 2024: Full Schedule

It's only a matter of time before there's an attempt to steal your briefcase full of case files. Are you prepared?

The WWHF Agent Training Program will cover fundamental self defense techniques. These include: situational awareness, movement, strikes, and escapes from grabs and attacks. More advanced concepts including ground fighting maybe covered on the second day.

Speakers

Cameron Cartier

Security Analyst, Black Hills Information Security

Cameron Cartier joined Black Hills Information Security in 2023 as a Security Analyst. She specializes in web, mobile, and API hacking but likes all new research areas as well. Cameron received a Masters degree in computer science from the University of Utah and she loves to learn... Read More →

Friday October 11, 2024 8:00am - 8:45am MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

8:45am MDT

Updates and Announcements

Friday October 11, 2024 8:45am - 9:00am MDT

Deadwood Mountain Grand - General Session

Speakers

WWHF Staff

Friday October 11, 2024 8:45am - 9:00am MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

9:00am MDT

Hiding in Plain Sight - Shellcode Obfuscation Techniques

Friday October 11, 2024 9:00am - 9:50am MDT

Deadwood Mountain Grand - Track 1

It doesn’t matter how advanced your shellcode loader is, if you don’t protect your shellcode from prying AV & EDR sensors, you’re going to have a bad time. From simple encryption schemes like the Caesar cipher to more complex schemes like AES, reversing arrays, steganography, encoding shellcode as other data types, and other techniques, this talk will cover a variety of ways to hide shellcode in your loader. I’ll demonstrate how these techniques score against many engines using VirusTotal. In some cases, AV engines will detect the decoding routine. I’ll also discuss techniques you can use to break this detection. I will also be sharing a repository demonstrating the different evasion techniques discussed in this talk. Note – this talk will not cover behavioral evasion techniques like unhooking, direct and indirect syscalls, or other evasion techniques. Whether you’re new to obfuscating shellcode or an experienced pro, there’s something in this talk for you!

Speakers

Mike Saunders

Principal Consultant, Red Siege

Mike Saunders is Red Siege Information Security’s Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system... Read More →

Friday October 11, 2024 9:00am - 9:50am MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

9:00am MDT

GeoINT Mastery: A pixel is worth a thousand words

Friday October 11, 2024 9:00am - 9:50am MDT

Deadwood Mountain Grand - Track 2

After this talk, you will never see images the same way again. This enlightening session explores the dynamic realm of GeoINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos. From identifying objects, landscapes, and aircrafts to interpreting symbols, shadows, and reflections, we'll go deep into the art of imagery analysis. Learn how to decode the language of trees, signs, text and logos, and uncover the strategic implications behind seemingly mundane details. This talk promises to give you a taste of some next level skills that you can easily learn as I take you through multiple demos.

Speakers

Mishaal Khan

Mishaal is a highly respected figure in cybersecurity, with expertise in ethical hacking, Open Source Intelligence (OSINT), social engineering, and privacy. Mishaal's engaging approach involves live demos, making cybersecurity accessible and enjoyable, while his strength lies in rapidly... Read More →

Friday October 11, 2024 9:00am - 9:50am MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

9:00am MDT

Demystifying Deep Fakes

Friday October 11, 2024 9:00am - 9:50am MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

One area of increasing concern is the use of AI to create deep fakes in order to manipulate the public’s opinion on topics. In this talk, we will learn how AI is used to create deep fakes. We will also discuss current strategies that attendees can use to spot deep fakes and describe existing research and tools used for deep fake detection. After the talk, attendees will have a better understanding of deep fake technology and be armed with some techniques they can use to protect themselves.

Speakers

Anmol Agarwal

Dr. Anmol Agarwal is a senior security researcher focused on securing 5G and 6G. Her research interests include AI and Machine Learning security. She is also a part-time adjunct professor teaching Machine Learning to doctoral students. She holds a doctoral degree in cybersecurity... Read More →

Friday October 11, 2024 9:00am - 9:50am MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

9:00am MDT

ProCircular Escape Room - Sponsored by Gravwell

Friday October 11, 2024 9:00am - 4:00pm MDT

Deadwood Mountain Grand - Hotel Lobby 3rd Floor

Step into the shoes of a cybersecurity professional in the form of a cyber escape room experience. In this interactive session, you and your team will face a simulated crisis: A cyber attacker, has breached your company's defenses and is stealing sensitive data. Your mission? Work together to uncover the hacker's username and password, track down the stolen files, and identify the type of information that has been compromised.

This scenario challenges participants to think critically and collaborate effectively. A mysterious briefcase, filled with cryptic clues and hidden messages, has been left behind by the attacker. To thwart the hacker's plans, you'll need to decipher the clues, recognize phishing attempts, and classify the compromised data. As you progress, you’ll learn cybersecurity skills, such as creating strong passwords, cryptography basics, phishing email identification, and data classification skills, while racing against the clock to secure your company’s most valuable assets.

Can your team outsmart the hacker and prevent a data breach? Join us in the ProCircular Cyber Escape Room to find out!

Speakers

Brandon Potter

CTO, ProCircular

With over 20 years of experience in Information Technology, including 14 years in cybersecurity, Brandon brings a wealth of knowledge and a dynamic approach to the industry. He excels at forging strong partnerships with clients, understanding their unique business objectives, and... Read More →

Sponsors

Gravwell

Get the best out of your data, even the binary kind. Our built-from-scratch modern solution offers unrestricted data ingest and powerful root cause analysis. Cut through the cybersecurity noise with half the compute power. Ideal for from SOC Analysts to CISOs and even IT heroes who... Read More →

Friday October 11, 2024 9:00am - 4:00pm MDT
Deadwood Mountain Grand - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

DMG Hotel Lobby 3rd Floor, Fun and Games

9:00am MDT

Spearphish General Store

Friday October 11, 2024 9:00am - 4:00pm MDT

Deadwood Mountain Grand - General Session

Friday October 11, 2024 9:00am - 4:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

9:00am MDT

Visit the Sponsors

Friday October 11, 2024 9:00am - 4:00pm MDT

Deadwood Mountain Grand - General Session

Friday October 11, 2024 9:00am - 4:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Fun and Games

9:00am MDT

Hands-on-Labs

Friday October 11, 2024 9:00am - 4:00pm MDT

Deadwood Mountain Grand - Main Stage

Friday October 11, 2024 9:00am - 4:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

Main Stage, Fun and Games

9:00am MDT

MetaCTF

Friday October 11, 2024 9:00am - 4:00pm MDT

Deadwood Mountain Grand - Main Stage

Friday October 11, 2024 9:00am - 4:00pm MDT
Deadwood Mountain Grand - Main Stage 1906 Deadwood Mountain Dr, Deadwood, SD

Main Stage, Fun and Games

10:00am MDT

Never Say Anything: NSA Hacking for Defense at Scale

Friday October 11, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 1

In my first career, I spent 35 years at the National Security Agency as a Vulnerability Analyst for the defense, from junior analyst to executive manager. I also had the honor of helping found and lead two of the Nation’s largest organizations dedicated to this mission – the Systems and Network Attack Center, and the Vulnerability Analysis and Operational Group. At NSA, Vulnerability Analysis for defense was a “full spectrum” activity, designed to emulate the resources of a nation-state adversary and their ability to operate at scale. In this talk, I’ll offer a historical and personal perspective how this field of analysis evolved from a focus on mathematics and cryptography, through systems and software, and then to “live” operational systems. And what’s it like to spend a career as a cyberdefender for the DoD and the nation, but homed inside of an intelligence agency? We’ll discuss the mission, technical, and cultural interplay of cyberdefense and offense/intelligence as it played out at NSA. War stories, culture clashes, bureaucratic mazes? Of course! But in the end, better security for all.

Speakers

Tony Sager

Tony is currently Senior VP & Chief Evangelist for the Center for Internet Security (CIS), leading a wide variety of strategic, partnership, and outreach activities. He led the work which later became known as the CIS Critical Security Controls – an independent, volunteer-developed... Read More →

Friday October 11, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

10:00am MDT

Epic Fails and Heist Tales: Red Teaming Toward Truly Tested Security

Friday October 11, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 2

Alethe takes audiences on a riveting journey into the realm of red teaming through captivating narratives and insightful analysis. Delving into real-life experiences, the keynote unveils the complexities and nuances of red team engagements, showcasing both the spectacular failures, and successful heists that provide invaluable lessons for enhancing organizational security. From epic missteps to meticulously planned operations, attendees will gain a deeper understanding of the pivotal role red teaming plays in fortifying defenses against emerging threats. Through engaging storytelling and practical insights, this presentation offers a compelling exploration of red teaming's transformative impact on shaping the security landscape of tomorrow.

Speakers

Alethe Denis

Senior Security Consultant, Bishop Fox

Alethe Denis is a Senior Security Consultant on the Red Team at Bishop Fox, who has advised and developed solutions and strategies that have driven improvement of global security programs. Her work has helped businesses unlock opportunities to enhance security awareness as well as... Read More →

Friday October 11, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

10:00am MDT

Making the Jump: Everything You Need to Know About Moving into a Cybersecurity Leadership Role

Friday October 11, 2024 10:00am - 10:50am MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Does this describe you?

You have years of technical work experience under your belt. You’ve held many different roles and have worked successfully with other teams and departments. You’re great at what you do.

But you also have a spark in you – the one that lights up when you're mentoring new team members or brainstorming solutions with your peers. You have no problem dealing with difficult people and situations. You love a good challenge that requires multiple teams to solve, and people genuinely like working with you.

And you’ve been thinking lately: Should I make the move over to leadership?

Leadership means more responsibility, potentially less hands-on technical work, and maybe even some office politics. But it also means having a bigger voice, the chance to build a team and mentor others, and more opportunities for your career. Staying in your current role means mastering your craft, having more autonomy, and avoiding some of the headaches of management, but it might also mean hitting a ceiling in terms of influence or earning potential.
So, which path is right for YOU? It all boils down to what gets you fired up, what kind of impact you want to make, and where you'll be happiest.
In this talk, you’ll hear all about the good, the bad, and the ugly about being in cybersecurity leadership. You’ll learn about what it takes to succeed as a leader on technical teams. You’ll also learn about some tried-and-true ways of breaking into management roles. Whether you're itching for a change or just curious about your options, this talk will give you the information you need so you can choose your own path.

Speakers

Naomi Buckwalter

Naomi Buckwalter, CISSP CISM, is the Senior Director of Product Security for Contrast Security and author of the LinkedIn course: “Training today for tomorrow's solutions - Building the Next Generation of Cybersecurity Professionals”. She is the founder and Executive Director... Read More →

Friday October 11, 2024 10:00am - 10:50am MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

10:00am MDT

BYOS: Bring Your Own Satellite

Friday October 11, 2024 10:00am - 12:00pm MDT

Homestake Adams Research and Cultural Center - Second Floor

Speakers

Tim Fowler

Tim Fowler joined Black Hills Information Security (BHIS) in September 2021 as a Security Analyst. He previously worked for multiple financial institutions in roles such as Cyber Security Research Scientist, Manager of Cyber Range Operations, and Security Engineering, as well as spending... Read More →

Friday October 11, 2024 10:00am - 12:00pm MDT
Homestake Adams Research and Cultural Center - Second Floor 150 Sherman St, Deadwood, SD 57732, USA

HARCC - Second Floor, Workshop

10:00am MDT

Practical Soldering

Friday October 11, 2024 10:00am - 12:00pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Are you interested in learning how to solder? Well you are in luck! This year Rick Wisser and Dave Fletcher from BHIS have put together a soldering workshop where you can get some hands on experience soldering on a working project. Rick and Dave have had several years of experience related to all types of soldering related to contract manufacturing of printed circuit boards. The goal of the workshop is to get you familiar with soldering and how to avoid common mistakes in solder techniques. Rick and Dave will share proper techniques, tips, and pointers that simplifies the manual soldering process.

Speakers

Dave Fletcher

David Fletcher has been working for Black Hills Information Security (BHIS) as a Security Analyst since 2015. He has spent most of his career working for the US Air Force and engaged in a variety of disciplines within the IT industry including boundary defense, web and application... Read More →

Rick Wisser

Rick Wisser has been with the Black Hills Information Security (BHIS) team since 2015. He is a Security Analyst, GIAC Certified Incident Handler (GCIH), and a SANS NetWars Level 5 certificate holder. Rick has an associate degree in Electronic Technology and Computer Networking as... Read More →

Friday October 11, 2024 10:00am - 12:00pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, Workshop

11:00am MDT

Risk AIssessment

Friday October 11, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Track 1

In this talk, we'll present Risk AIssessment - a risk assessment framework for AI-enabled applications. With the rush to embed generative AI in everything but your toaster (oh, it's in that now too?) there are a lack of usable assessment frameworks for organizations that are deploying these AI-enabled applications. The NIST AI RMF is fantastic if you're building AI foundation models or consumer services, but it's ill-suited and overly complex for organizations just adopting an application that has generative AI features. In this talk, we'll introduce the framework and show how organizations can utilize it to evaluate their risk to decide whether to adopt an application, prioritize compensating controls, or select between competing applications. Finally, we'll share case studies from using Risk AIssessment in numerous consulting engagements and show how it can be used in your organization to highlight risks.

Speakers

Jake Williams

Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in the technology and security industries. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics... Read More →

Friday October 11, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

11:00am MDT

Offensive Lab Environments - Without the Suck

Friday October 11, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Track 2

From building payloads, testing evasions, and practicing offensive techniques, a must-have for every seasoned tester is a lab environment. Join Travis as he demonstrates various methods for deploying dynamic AD lab environments for attack simulation with ease.

Speakers

Travis Kaun

Travis began his Information Security career-building *nix chops by managing firewalls and monitoring intrusion detection systems. After time spent on the defensive side in corporate roles, Travis put on an offensive cap for a consulting role and hasn’t looked back. Travis is a... Read More →

Friday October 11, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

11:00am MDT

Not Doomed…Yet

Friday October 11, 2024 11:00am - 11:50am MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Let’s talk about the elephant in the room—or rather, the AI in the network. It's causing more drama than the 2017 Tay bot on Twitter. Sorry, not sorry, I meant “X”. From GenAI hoodwinking finance firms out of $25 million, to the shocking revelation that 77% of companies found their AI sitting in the corner with a dunce cap, marked "breached" in the past year. This conversation isn’t about whether ChatGPT is a security issue; it’s the fact that securing AI holes are big enough to drive a bus through. Sideways. This talk is more than just a chance to poke fun at our collective cybersecurity misfortunes; it’s a call to action. Because if we can’t laugh at our impending digital doom, what can we do? (Hint: Fix it. We can actually fix it.)

Speakers

Chloé Messdaghi

CEO & Founder, SustainCyber

Chloé Messdaghi is a cybersecurity leader dedicated to building strong relationships that drive the development of security standards and policies. She spearheads initiatives to strengthen AI security measures and fosters collaborative efforts to enhance industry-wide practices... Read More →

Friday October 11, 2024 11:00am - 11:50am MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, 50 Minute Talk

12:00pm MDT

Lunch

Friday October 11, 2024 12:00pm - 1:00pm MDT

Deadwood Mountain Grand - General Session

Friday October 11, 2024 12:00pm - 1:00pm MDT
Deadwood Mountain Grand - General Session 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Lunch

1:00pm MDT

Jigsaw

Friday October 11, 2024 1:00pm - 1:30pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Jigsaw is a shellcode obfuscation routine designed to hide your shellcode without requiring the use of encryption routines. Jigsaw works by generating an array (positions[]) the size of your shellcode and populates the array with random numbers, each representing a unique position in the original shellcode array. Jigsaw then creates a new shellcode array, jigsaw[], by iterating through the array of randomized positions. If first entry of the randomized positions array (positions[0]) is 100, then Jigsaw selects the byte at shellcode[100] and inserts it into jigsaw[0]. Jigsaw repeats this process until all shellcode bytes have been populated to the jigsaw[] array. While this tool is new, our testing indicates very few AV/EDR are aware of this technique. As a result, this technique could be an effective part of your shellcode loader arsenal.

Speakers

Mike Saunders

Principal Consultant, Red Siege

Friday October 11, 2024 1:00pm - 1:30pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

1:00pm MDT

All on Red: Shifting the Betting Odds to Defense

Friday October 11, 2024 1:00pm - 1:50pm MDT

Deadwood Mountain Grand - Track 1

You often hear the term, it only takes an adversary one main find to compromise an entire organization. The odds don't seem to be in our favor when it comes to defense. This talk will dive into effective methods to flip the odds into your own favor and things you can do quickly that doesn't take a three year strategic roadmap for. We'll be getting into some techniques you can leverage in deception and detection as well as methods that I've seen stop our red teams in the past. If I were a betting man, my bet is on defense.

Speakers

David Kennedy

TrustedSec & Binary Defense Systems

David Kennedy, is the founder of Binary Defense and TrustedSec and is considered an industry leader in cybersecurity. Former Chief Security Officer of Diebold, David has led global cybersecurity teams, testified before Congress, and shapes cybersecurity policy. He co-authored the... Read More →

Friday October 11, 2024 1:00pm - 1:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

1:00pm MDT

That's a Deal and That's a Legally Binding Offer: The Dark Side of AI

Friday October 11, 2024 1:00pm - 1:50pm MDT

Deadwood Mountain Grand - Track 2

Let's explore the darker side of AI! In this talk, we'll dissect various attack vectors such as prompt injection, malicious input designed to manipulate AI output; data extraction, which aim to siphon off sensitive information embedded within AI models; and evasion attacks, a nebulous category that includes techniques to deceive AI systems into incorrect processing or ignoring malicious content altogether.

Speakers

Brian Mead

I'm a seasoned cybersecurity professional with over 8 years of hands-on experience specializing in offensive security and conducting red team operations. With a passion for uncovering vulnerabilities and outsmarting adversaries, I thrive in the dynamic and challenging landscape of... Read More →

TJ Toterhi

I am an information security professional with experience in offensive and defensive operations. I am a penetration tester that's passionate about breaking and fixing systems and software. Realizing that not everyone shares this interest, I enjoy the opportunity to spread the good... Read More →

Friday October 11, 2024 1:00pm - 1:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

1:00pm MDT

Felon in Five Minutes

Friday October 11, 2024 1:00pm - 2:00pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

Felon in Five Minutes:

Peel back the mystique behind the most basic and effective ways that threat actors, criminals, and pentesters breach physical locations. All of these techniques can be done in less than five minutes.

Learn how to properly manage expectations and scoping for your next Physical Security adventures.

Speakers

Joseph Kingstone

Joseph Kingstone joined Black Hills Information Security (BHIS) in Fall 2021 as a Security Analyst. In this role, Joseph performs external and internal penetration tests, C2 pivots, and red teams. He’s had a desire to work at BHIS since transitioning into IT—and eventually penetration... Read More →

Friday October 11, 2024 1:00pm - 2:00pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, Workshop

1:00pm MDT

A Journey through Insecure Destialization

Friday October 11, 2024 1:00pm - 4:00pm MDT

Homestake Adams Research and Cultural Center - Second Floor

Discovering and exploiting Insecure Deserialization vulnerabilities is not a simple task. In some cases, testers are fortunate that the work has been done for them, and a known exploit can be leveraged to exploit this vulnerability. But honestly, that's no fun, and the reality is that sometimes it'll be on the tester to do the hard work. In this workshop, I will take participants on a journey through Insecure Deserialization. Together, we'll discover a novel Insecure Deserialization vulnerability in a custom application, and step through the process of building and executing a zero-day exploit to compromise the affected application and server. At each bend in the trail, we'll explore the specifics of the process and the tools needed, and seek to gain an understanding of how and why developers create these dangerous vulnerabilities. Our journey will end with a discussion about the challenges of remediating Insecure Deserialization flaws, and participants will step back into reality with a new perspective of this potent and mysterious vulnerability.

Speakers

Tim Tomes

Application Security Engineer with extensive experience in the information technology and security industries. Experience ranges from software development to full-scope penetration testing (red teaming) as both a technician and leader for both the United States Military and private... Read More →

Friday October 11, 2024 1:00pm - 4:00pm MDT
Homestake Adams Research and Cultural Center - Second Floor 150 Sherman St, Deadwood, SD 57732, USA

HARCC - Second Floor, Workshop

1:40pm MDT

KC7

Friday October 11, 2024 1:40pm - 2:10pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

KC7 is a free cybersecurity game that simulates end-to-end intrusions against a fictional company, using data modeled on real-world threat actors. Players ranging from students to professionals use Kusto Query Language (KQL) within the Azure Data Explorer (ADX) to analyze complex datasets, including Web, Email, and Endpoint logs, answering CTF-style questions that guide them through an investigative journey. At the core of this educational approach is the development of an investigative mindset, through immersive and fun interactive scenarios that span the entire Cyber Kill Chain. These scenarios enhance players' skills in analyzing cybersecurity data and contextualizing it within adversary strategies and tactics.

For WWHF the game scenario will revolve around:

Celestial Cowboy Couture, founded in 2015 and based in Deadwood, South Dakota, specializes in unique, high-quality Western and space-themed apparel, including holographic belts and star-patterned outerwear. The brand's popularity surged after high-profile fashion magazines featured famous male model John Strand in their campaigns, attracting celebrities and athletes alike. However, this increased visibility has also made the company a target for cybercriminals, threatening its digital assets like customer databases and design software.

After demoing how the game is made and a walkthrough of the gameplay experience I will open up the game for attendees to play so they can investigate the intrusion themselves. The game is fun, but the skills learned are real. The integration of threat intelligence encourages a deeper understanding of the operational context of cyber threats. By organizing threat actor behaviors and techniques according to the MITRE ATT&CK framework, the platform creates a diverse array of realistic intrusion scenarios. This method facilitates practical learning of ATT&CK techniques, moving beyond abstract descriptions by allowing participants to experience what these techniques look like in data.

Speakers

Jibby Saetang

Jibby Saetang, a watchmaker and jeweler, also serves as a Threat Intelligence Analyst and Content Lead at KC7 Foundation. His cybersecurity journey with a cheap laptop from Target. With that, he started exploring platforms like TryHackMe, KC7Cyber, and the Antisyphon Training Cyber... Read More →

Friday October 11, 2024 1:40pm - 2:10pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

2:00pm MDT

Abusing API Security

Friday October 11, 2024 2:00pm - 2:50pm MDT

Deadwood Mountain Grand - Track 1

Abusing API Security will discuss how to look at API security in a different way through multiple API attack techniques with a particular focus on GraphQL and gRPC.

Speakers

Charles Shirer

Charles has over 20 years of IT experience with the last 10 years in Information Security. Charles has done systems Adminstration, penetration testing, threat hunting, and security research In his spare time Charles plays retro video games, works on the SEC BSD Open source project... Read More →

Friday October 11, 2024 2:00pm - 2:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

2:00pm MDT

Your Favorite Coffee Shop Is Not Just Serving Espressos: How Threat Actors Use Victims to Create More Victims

Friday October 11, 2024 2:00pm - 2:50pm MDT

Deadwood Mountain Grand - Track 2

99% of US businesses have 20 users or fewer. In this talk we will discuss how to engage and protect the small businesses that form the backbone of our communities. We'll cover how to convey the risks small business insecurity poses to larger businesses downstream from them in the supply chain and some techniques you can bring to your favorite small business.

Speakers

James Bierly

James is a cybersecurity consultant and co-founder of Secure Point Solutions, He helps small businesses and IT Providers to protect their data, systems, and networks from cyber threats. He has over 10 years of experience in information technology and cybersecurity, with certifications... Read More →

Friday October 11, 2024 2:00pm - 2:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

2:15pm MDT

Badge Cloning - A Penetration Tester's Guide to Capturing and Writing Badges

Friday October 11, 2024 2:15pm - 4:00pm MDT

Deadwood Mountain Grand - Track 4 - Backstage

In this workshop, we distill key tactics from the comprehensive Practical Physical Exploitation course, tailored specifically for penetration testers looking to attack Physical Access Controls (PACS).

Participants will embark on a journey through the ins and outs of cloning badges during physical penetration tests. Explore the intricacies of long-range, short-range, and Stealth cloning tactics, gaining hands-on experience in the art of badge duplication. Delve into the realm of implantable devices, understanding their role in modern access control exploitation.

Join us as we uncover the nuances of downgrade/upgrade attacks and the protocols that make them possible. Learn to navigate the landscape of access control systems with expert guidance, equipping yourself with the knowledge to identify and exploit vulnerabilities.

By the end of this session, you'll wield an arsenal of cutting-edge techniques, ready to transform your facility into a bastion of high-security readiness. Don't miss this opportunity to elevate your skills and refine your physical security penetration testing skills.

Speakers

Ralph May

Ralph is a security analyst and penetration tester at Black Hills Information Security. Ralph is also a co-developer and instructor of the Practical Physical Exploitation course. Before joining BHIS, Ralph spent five years performing offensive operations on a wide range of security... Read More →

Travis Weathers

Friday October 11, 2024 2:15pm - 4:00pm MDT
Deadwood Mountain Grand - Track 4 - Backstage 1906 Deadwood Mountain Dr, Deadwood, SD

Track 4 - Backstage, Workshop

2:20pm MDT

Wireshark

Friday October 11, 2024 2:20pm - 2:50pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Wireshark is a great network protocol analyzer and open-source tool used for troubleshooting, analysis, and security testing of networks. It captures and displays data packets traveling across a network in real time. Users can inspect packet details and use this knowledge to assist them in diagnosing network issues and with monitoring traffic.
Using Wireshark, you can filter, and search based on protocols, addresses, or keywords to help in a more targeted analysis of the traffic flowing on a network. It supports research with numerous protocols including TCP, UDP, HTTP and more.
Wireshark is a very user-friendly application which has a good graphical interface which assists in displaying the packet information in an easy-to-read format which includes the source and destination addresses, packet timing, and even payload contents. Wireshark is used for many varied reasons and professions including network administrators, security professionals, and developers alike. It helps these (and others) to better understand network behaviors, troubleshooting connectivity problems and even assist in anomaly detection and/or security threats.
Bottom line is that Wireshark is a great and indispensable tool that will provide deep insight and network behavior for those looking to manage or secure networks.

Speakers

David Brackin

I am an 80’s child who is late joining the fun in the cybersecurity realm but throughout my life I have worked in various fields, and I have always been involved with computers and tinkering/hacking in one way or another. Whether I was troubleshooting in the U.S. Navy or leading... Read More →

Friday October 11, 2024 2:20pm - 2:50pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

3:00pm MDT

Halberd

Friday October 11, 2024 3:00pm - 3:30pm MDT

Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor

Halberd is an open source offensive security tool that delivers simple, fast & effective security testing. Leveraging Halberd, security teams can execute attack techniques in cloud via an incredibly simple web interface that can be spun up locally in seconds. Most organizations are hybrid & multi-cloud and setting up / managing tools to test different platforms is hard. Halberd allows users to test across multiple attack surfaces such as Entra ID, M365, Azure and AWS from a single interface. Apart from executing attack techniques, Halberd offers various recon dashboards that allow for advanced information gathering in a target environment and also auditing.
It's developed natively in python and is designed to be incredibly modular, so adding new techniques and even new attack surfaces (GCP is next) is also incredibly easy. Halberd aims to be a powerful attack emulation tool but also a security tool that everyone from a red teamer to a detection engineer can use, so we can all start testing regularly & frequently, and be confident in our defenses.

Speakers

Arpan Abani Sarkar

I am a security engineer with extensive experience in detection engineering, threat research and threat hunting. I have worked on developing threat detections to enterprise D&R platforms, built new enterprise threat hunting services and consulted organization on threat hunting & insider... Read More →

Friday October 11, 2024 3:00pm - 3:30pm MDT
Deadwood Mountain Grand - Track 3 - Hotel Lobby 3rd Floor 1906 Deadwood Mountain Dr, Deadwood, SD

Track 3 - DMG -Hotel Lobby 3rd Floor, Tool Shed

3:00pm MDT

Vunerability-cetric Pentesting

Friday October 11, 2024 3:00pm - 3:50pm MDT

Deadwood Mountain Grand - Track 1

Interacting with vulnerabilities is a core security practice. For a pentester, vulnerabilities should form a map to making risk actual, but our tools in this space often get in our way. Sirius Scan is a tactical vulnerability scanner. One dedicated to you, the operator.

In this talk, we will fluidly interact with and exploit network vulnerabilities by leveraging several open-source tools and tying their interactions with vulnerability intelligence.

Speakers

Matthew Toussain

A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, Matthew has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst... Read More →

Friday October 11, 2024 3:00pm - 3:50pm MDT
Deadwood Mountain Grand - Track 1 1906 Deadwood Mountain Dr, Deadwood, SD

Track 1, 50 Minute Talk

3:00pm MDT

One Arrow, One Breach: The Medieval Mindset in Cyber Defense

Friday October 11, 2024 3:00pm - 3:50pm MDT

Deadwood Mountain Grand - Track 2

In cybersecurity, the wisdom has often been likened to the defense strategies of medieval castles: every attack repelled. This talk, "One Arrow, One Breach," challenges this notion, presenting a shift in approaching cybersecurity. Led by Kevin Johnson, this presentation delves into the antiquated belief that all attacks must be stopped to ensure security. Drawing parallels with medieval defense, Kevin argues for a strategic approach, emphasizing the importance of identifying and stopping the most critical threats rather than dispersing our resources across all points of attack.Using real-world examples from his penetration testing experience, Kevin will demonstrate how this focused approach leads to more efficient use of resources and improved risk management. Attendees will gain insights into prioritizing threats and rethink their overall approach to cybersecurity.

Speakers

Kevin Johnson

CEO, Secure Ideas, LLC

Kevin Johnson is CEO of Secure Ideas, a consulting company dedicated to security testing and training. Kevin passionately advocates for cybersecurity through his work with Secure Ideas, as a global board member for OWASP and as a faculty member at IANS. During his over 30 years in... Read More →

Friday October 11, 2024 3:00pm - 3:50pm MDT
Deadwood Mountain Grand - Track 2 1906 Deadwood Mountain Dr, Deadwood, SD

Track 2, 50 Minute Talk

4:00pm MDT

CULTivating Growth and Connection

Friday October 11, 2024 4:00pm - 4:50pm MDT

Deadwood Mountain Grand - General Sesson

In this talk Wade will explore the psychological and social benefits of community involvement and mentorship, such as increased belonging, mental health, and professional growth. We'll discuss how these engagements enhance networking, skill development, and foster mutual learning and leadership. Additionally, practical strategies for effectively participating in communities and developing mentoring relationships will be outlined, addressing challenges like time management and cultural differences. The session aims to provide participants with actionable steps to enhance their personal and professional lives through active community and mentorship roles. Ideal for those seeking to strengthen community ties and pursue meaningful mentorship.

Speakers

Wade Wells

Wade Wells is a seasoned cybersecurity expert with a robust background in threat hunting, cyber threat intelligence, and detection engineering, primarily in the financial sector. Wade holds a master's degree in cybersecurity from Georgia Tech, is a board member of BSides San Diego... Read More →

Friday October 11, 2024 4:00pm - 4:50pm MDT
Deadwood Mountain Grand - General Sesson 1906 Deadwood Mountain Dr, Deadwood, SD

General Session, Keynote

5:00pm MDT

Wild West Hackin' Fest Awards Ceremony

Friday October 11, 2024 5:00pm - 5:15pm MDT

Deadwood Mountain Grand - General Sesson

Friday October 11, 2024 5:00pm - 5:15pm MDT
Deadwood Mountain Grand - General Sesson 1906 Deadwood Mountain Dr, Deadwood, SD

General Session

8:00pm MDT

Dance Party

Friday October 11, 2024 8:00pm - 11:00pm MDT

Elks Club

Friday October 11, 2024 8:00pm - 11:00pm MDT
Elks Club

Elks Club - 696 Main St. Deadwood, Fun and Games