HackerOps w/ Ralph May
March 14 @ 9:00 am – March 15 @ 6:00 pm EDT
Course Length: 16 Hours
Tuition: $575 per person
Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.
|Thursday, March 14, 2024:
|9:00 AM – 5:00 PM*
|Friday, March 15, 2024:
|9:00 AM – 5:00 PM
All times are Eastern.
This class is part of the The Most Offensive Con that Ever Offensived March 2024 Summit. Registration for any The Most Offensive Con that Ever Offensived March 2024 Summit class includes registration for the summit and all of its presentations, talks, and streams.
Clicking on the button above will take you
to our registration form.
To conduct an advanced attack, you need more than just a collection of simple scripts. In addition to talent, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement, the more time we need. Time is something we don’t have a lot of on an engagement.
Today, to be an advanced and effective attacker, you need to move fast, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources, the days of manual setup are long behind us.
Where do we get started? And how does it all work?
In this training, we learn the fundamentals of DevOps and how we can code our tactics, techniques, and procedures (TTPs). Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share.
In this class, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly, we will work through multiple labs and examples that you can take with you for your next engagement.
Trainer & Author
Ralph May is a security analyst and penetration tester at Black Hills Information Security. Before joining BHIS, Ralph spent the last five years delivering penetration tests on a wide range of security assessments. These assessments include physical, wireless, network, social engineering, and full simulation red teams. Before focusing on security, Ralph worked as a system administrator and as a network engineer for both civilian and government employers. Ralph is a US Army veteran who previously worked with the United States Special Operations Command (USSOC) on information security challenges and threat actor simulations.
Ralph has contributed to multiple open-source security tools and spoken at numerous security conferences. He’s a lifelong learner and finds joy in discovering how technology truly works. When Ralph is away from the keyboard, he likes the outdoors, boating, exercising, and spending time with his family.