
This is a hands-on, four-hour lab. You’ll learn the two layers of prompting that most people blur into one: building a strong prompt before you hit enter, with the right role, context, constraints, and output shape, then running the refine-and-verify loop after the first draft comes back.
Course Length: 4 Hours
Includes a Certificate of Completion
Next scheduled date: August 17th, 2026 @ 1:00 PM ET
Description
Anyone can type a question into a chatbot. Getting an AI to reliably produce work you’d actually put your name on, whether that’s a defensible finding, a tuned detection, or a configuration review that identifies the real escalation path, is a different but learnable skill. Building off the workshop Keeping Things Local: Build Private LLMs for Your Team, you’ll take the local LLM you built and learn to prompt it for reliable, consistent results with fewer hallucinations. Didn’t take the first workshop? No problem: a ready-to-go VM is provided.
This is a hands-on, four-hour lab. You’ll learn the two layers of prompting that most people blur into one: building a strong prompt before you hit enter, with the right role, context, constraints, and output shape, then running the refine-and-verify loop after the first draft comes back. You’ll practice on the jobs you actually do: writing findings, analyzing configs, drafting detections, and validating exploit preconditions in a lab. From there you’ll split planning from execution across sessions so unrelated context doesn’t pile up, and package a prompt worth reusing into a Skill your local model can load on demand. You’ll also spend time on the adversarial side, learning how prompt injection, jailbreaking, and data-extraction attacks work and why, so you can recognize them in the wild and craft and evaluate them during authorized security testing. Because nothing hurts your credibility faster than shipping a report with “AI wrote this” fingerprints on it, you’ll finish with a checklist for scrubbing AI slop before anything reaches a client.
Who Should Take This Workshop
Security practitioners who want to get real, defensible work out of an AI, and who’d rather keep sensitive prompts on hardware they control. It’s a strong fit for:
- Red teamers and penetration testers who want to speed up findings, tooling, and PoC validation without shipping client data to a third party
- Blue teamers and detection engineers who want to draft and tune Splunk and EDR detections faster
- Consultants and MSSP staff who write a high volume of client-facing deliverables and can’t afford AI fingerprints in a report
- Anyone who has used an AI chatbot, been underwhelmed by the results, and suspects better prompting would get better results
What You’ll Learn
By the end of the workshop, you will be able to:
- Pick the right model for the task, and explain the tradeoffs between proprietary, open-weight, uncensored community, and abliterated models
- Spend tokens deliberately: recognize context rot and the standing tax of repeatedly reloading context, and apply concrete techniques to cut waste
- Build strong prompts with the right role, context, constraints, and output shape, then run a disciplined refine-and-verify loop on real security tasks: findings, config analysis, detections,and proof-of-concept tooling
- Separate planning from execution across multiple sessions so a polluted context never derails a build
- Package repeatable prompt workflows into reusable Skills that extend your LLM’s capabilities
- Craft and recognize injection, jailbreaking, and data-extraction prompts, and understand why they work
- Scrub AI “tells” out of client-facing writing so your deliverables read like a human wrote them
- (Optional, building on the prior workshop) Reach your model from anywhere using a sandboxed, dedicated AI box
- Build lightweight evaluation sets so you can compare prompt revisions and identify real improvements
-
System Requirements
- The lab VM and everything you need are provided; you just need a laptop that can run one virtual machine. The model runs on your CPU, not your GPU. Bare minimum:
- 16 GB RAM (24 GB or more recommended; the model runs in memory alongside the OS)
- A modern multi-core CPU; more cores means faster responses, and no GPU is required or used
- Approximately 40 GB free disk space (the VM ships with the model baked in; files are large)
- CPU with virtualization support enabled in BIOS/UEFI
- One of: VMware Workstation, VMware Player, VMware Fusion, or VirtualBox
- Internet connection to download and import the VM before class
- Expect steady, not instant, responses. A small local model on CPU takes a few seconds to reply, and every lab is sized to run comfortably at that pace.
-
VM / Lab / Student Information
- A Linux-based lab VM with a small, quantized open-weight LLM preinstalled will be provided for download before class, along with import instructions and credentials. Download it and import it into VMware or VirtualBox ahead of time.
FAQ
Beginner to intermediate. No prior prompt-engineering experience is required. You should have used an LLM such as ChatGPT, Claude, or Gemini at least a little and know what a prompt is. Because the VM comes with everything preinstalled, deep Linux or infrastructure skills are not required.
- Some hands-on time with an LLM such as ChatGPT, Claude, or Gemini
- Basic comfort importing and running a VM (covered in the import instructions; the lab VM is provided ready to go)
- Ability to download and extract large files before class
About the Instructor
Ashley Knowles
Bio
Ashley Knowles joined Black Hills Information Security (BHIS) in Fall 2021. As a Security Consultant, Ashley’s role is to perform network (internal/external), social engineering, and cloud penetration tests, as well as participating in red team assessments. Since joining the infosec community in 2013, she has developed and taught hacking classes, worked as a security consultant, and been a team lead on a red team. Ashley serves as a mentor at a local high school’s cybersecurity class and, as someone who loves to learn and teach, she looks forward to developing and teaching classes that add to BHIS’s educational catalogue. In her free time, Ashely enjoys photography, hiking and exploring new places with her kids, and building Legos.
Register for Upcoming
Prompt Engineering with Local LLMs
Live Training Ashley Knowles
- Certificate of completion
- 6 months class recording access via Discord
For tuition assistance with this course please send an email to: [email protected]
Related products
-
Multiple InstructorsLive4 Hrs
Workshop: Hacking AI-LLM Applications
View Course This product has multiple variants. The options may be chosen on the product page -
Chris TraynorLive4 Hrs
Workshop: Offensive Tooling Foundations
View Course -
Multiple InstructorsLive4 Hrs
Workshop: AI Foundation: Cyber Security Workflow Optimization using AI Technology
View Course This product has multiple variants. The options may be chosen on the product page -
Cameron CartierLive4 Hrs
Workshop: The Hitchhiker’s Guide To Social Engineering with Cameron Cartier
View Course This product has multiple variants. The options may be chosen on the product page

