Wild West Hackin' Fest - Deadwood 2024

Every hacker wants more cool stuff and many of us have a 3D printer gathering dust in the corner. In my presentation "Unlocking Physical Security: 3D Printing Your Way Inside." I will inspire the audience to buy more filament and start preheating their print beds to extrude a collection of valuable physical security tools (both offensive and defensive). This talk goes over a handful of original (never before seen) designs, 3D-printable versions of existing tools, explains how to use each tool with demonstration videos, offers practical advice to those who want to 3D print their own physical security tools, and shows the audience where they can find my models and others to print.

Discover how psychological theories can revolutionize cybersecurity practices! This presentation explores the transformative potential of Attention Restoration Theory (ART) and Social Cognitive Theory (SCT) in enhancing cybersecurity measures. By optimizing work environments to rejuvenate mental focus (ART) and leveraging social influences and self-efficacy to boost security compliance (SCT), let's shed light on strategies that minimize human errors and amplify vigilance. Dive into a session that blends theory with practical solutions, paving the way for a cybersecurity culture that's as robust as user-centric. Get ready to shift from traditional defenses to psychologically empowered cybersecurity tactics!

Although Simple Network Management Protocol (SNMP) is a critical protocol for system and network administrators, a comprehensive SNMP version 1/2c/3 hacking methodology has not been clearly documented. This presentation will explain how to correctly perform SNMP password attacks, test SNMP read/write permissions, and how to exploit any successful access. A Python wrapper script will be introduced to automate these tedious steps across a large scope of systems especially given Windows's required access to multi-function devices. In addition to describing how to correctly assess SNMP, recommended approaches for mitigation will be stated so that SNMP can be locked down to to only authorized persons.

The goal of the presentation is to showcase how to perform the Evil Twin Attack exploit without the use of a Wifi pineapple as well as to showcase how to bypass randomization of wireless channels on wireless access points

As Artificial Intelligence (AI) and Large Language Models (LLMs) diffuse into everyday business use, these new technologies present novel challenges for IT Staff, Security, Compliance and Development Teams. How can practitioners ensure AI is used securely and follows company and industry guidelines? This session will present an overview of AI usage in the enterprise and how companies can safely control and harness this new power that AI can provide.

Companies or individuals often sit on domains for later use, and can even make a “passive income" off of these unused domains. The monetary incentives of the domain parking system lead to these parked domains becoming littered with malware and potentially putting consumers in danger. This talk is essentially a PSA, and gives an overview of the phenomenon including stakeholder analysis, perverse incentives, and why you might want to reconsider parking your domains.

Many organizations current policies and controls allow for their helpdesks to reset users passwords and multi-factor authentication, which makes those helpdesks a prime target for social engineering attacks such as those demonstrated in the past by threat actors like the ALPHV/BlackCat ransomware groups. This talk will cover common tactics successfully used by threat actors, and emulated by BHIS's ANTISOC team, as well as policies and procedures that can help deter such attacks.

I’ve been in Infosec for almost 20 years. I also have AD(H)D. This talk is my story; how I kept feeling something was off until diagnosed 5 years ago, what impact ADHD and being diagnosed had on my life and why one should always confront realities and get the best out of it.I'll also talk about what I learned since last year and the talk I did at WWHF 2023 and about which advantages me and others with a similar diagnose has that makes them unique and helped them accomplish great things in life.An important learning for me since I started talking about neurodiversity is that there is an overrepresentation of mental diagnoses in infosec. This is my attempt to educate, break down taboos and inspire others to learn about themselves and others and hopefully get a better life.