Red Team Fundamentals for Active Directory
Online
The Red Team Fundamentals for Active Directory course is an 8-hour class focused on explaining the fundamentals of Active Directory and how different aspects can be exploited when performing penetration tests.
Anti-Cast | All About Linux Systemd Timers w/ Hal Pomeranz
Online
Hal will cover the basics of configuring Systemd timers and how they operate, plus forensic indicators you can look for to find any timers deployed in your systems.
Getting Started in Packet Decoding
Online
One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.
Anti-Cast | For the Love of the Windows Search Index w/ Alissa Torres
Online
Join Alissa Torres in this free one-hour Antisyphon Anti-Cast to learn how the Windows Search Index can augment your investigations. Fall in love with this underrated artifact.
Anti-Cast | How to Use “Leaky Vessels” for Container Escape in Kubernetes w/ Jay Beale
Online
Join us for a free one-hour Antisyphon Anti-Cast, with instructors Derek Banks and Troy Wojewoda, to gain insight on how they both produce and use various forms of threat intel at Black Hills Information Security (BHIS).
Anti-Cast | Intro to Software Defined Radio (SDR) for Space Signals Analysis w/ Tim Fowler
Online
In this free one-hour Antisyphon Anti-Cast, Tim Fowler, Security Analyst at Black Hills Information Security, will explore the versatile world of software-defined radio (SDR) and its application in satellite communication.
MITRE ATT&CK Framework and Tools w/ Carrie Roberts
Online
The MITRE Organization has provided several useful and free tools for working in the cybersecurity space. One of these tools, the MITRE ATT&CK Framework, has become the industry standard for talking about and organizing attacker tactics and techniques. In this introductory class we will look at the information provided in the framework and use various tools, including the ATT&CK Navigator, for visualizing and sharing information. A brief overview of other MITRE tools including CVE/CWE, ATT&CK Flow, ATT&CK Powered Suit, ATT&CK Evaluations, and the Adversary Emulation Library will be given. You will be provided with hands-on lab instructions for creating visualizations using the MITRE ATT&CK Navigator and for searching through ATT&CK data with the convention web browser extension. At the end of this class, you will have the knowledge and tools to talk about and work with the MITRE ATT&CK Framework and Tools.
Professionally Evil CISSP Mentorship Program
Online
ISC2 describes the CISSP as a way to prove “you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program”. It is one of the primary certifications used as a stepping point in your cybersecurity career. To accomplish this, Secure Ideas has developed a mentorship program designed to provide the knowledge necessary to pass the certification, while working through the common body of knowledge (CBK) in a manner that encourages retention of the knowledge. The mentorship program is designed as a 10-week series of sessions along with various student support and communication methods. These work together to provide the student a solid foundation to not only help in passing the certification but to continue as a collection of information for everyday work. This class is set up to cover the 8 domains of the ISC2 CBK.
Practical Physical Exploitation w/ Ralph May and Travis Weathers
Tampa, Florida, United States
The Practical Physical Exploitation Course is designed to provide you with everything needed to sell and execute physical security assessments. The key word here is PRACTICAL; everything covered in this course is what you need to know to be successful on your first solo assessment.
Anti-Cast | Radioactive Vulnerabilities-Learn Secure Coding w/ Jennifer Shannon and Kathy Collins
Online
Tune in to 'Radioactive Vulnerabilities - Learn Secure Coding,' a free one-hour Antisyphon Anti-Cast that shares the tragic story of the Therac-25 radiation therapy incidents and how those incidents can teach us the significance of security testing before technology deployment.
The Most Offensive Con that Ever Offensived – Bypass Edition
Online
Is it the best defense is a good offense or the best offense is a good defense? For all the defenders out there, wouldn’t it be nice to understand the mind of an offensive security professional? And for all the offensive security professionals, wouldn’t it be amazing to learn from others who think about all the best ways to bypass defenses?
Summit Talk: Less but Better: Lessons Learned From Red Teaming Esoteric Environments
Talk Length: 20-25 minutes
Tuition: free
Talk Description: As the technology we rely on to build our businesses increases in complexity, it requires more specialized knowledge of how to deploy, administer, and secure it. Unfortunately, this increase in technological complexity presents a unique problem to those of us on the red team: how do...
Summit Talk: Evasive Facility Breach: From Ingress to Egress in 15 Minutes or Less
Online
Dive into the world of efficient and effective evasive physical red teaming. This presentation offers a condensed glimpse into key elements covered in the full Practical Physical Exploitation course, providing attendees with insights to navigate assessments with minimal exposure while eliciting jaw-dropping client reactions. Explore topics such as Gear, Remote Recon & On-site Surveillance, Threat Profiling, Off-site Operations, and Facility Access. Join this high-impact learning experience that equips you to elevate your physical penetration testing skills. Get ready to drink from the firehose and possibly walk away with a new look at evasive facility breach tactics.
Summit Talk: Bypass Like It’s 1999: Decades of Fraggles, Doozers, and Desync
Online
Dance your cares away! Let's put on our denim jacket and bucket hat, cue up our The Prodigy CD, log in to our RedHat Linux 6.0 appliance, and fire up Snort 1.2.1 to see if our shiny new Perl exploit gets caught! Should we share this out on Bugtraq or save it for a rainy day?
Summit Talk: How to annoy your colleagues, lose friends and throw away your social life: Bypassing EDRs
Online
How we come up with ideas, test them, annoy the Service Desk and our security colleagues by either swamping them with false alerts, doing silly things like encoding, blocking the process on Windows Firewall, dazzling the MSP at the same time, and so on.
Summit Talk: Less but Better: Lessons Learned From Red Teaming Esoteric Environments
Online
In this talk, I will discuss some of the unique challenges I have run into, the often surprising solutions I've discovered, as well as the techniques I use when approaching new highly complex environments that allow me to demonstrate risk without spending all of my allotted time researching the intricacies of each technology in play.
Summit Talk: The Offensive Odyssey: A Deep Dive into Bypass Techniques
Online
This presentation will explore the various bypass techniques used by attackers, detailing the most effective and creative ways to breach security measures. The focus of the presentation will be to provide practical examples and challenges that can be implemented to gain a real understanding of these techniques. Participants will learn how to assess weaknesses and bypass restrictions on different platforms and operating systems, including those commonly found in enterprise environments.
Summit Talk: Wireless for Red Teams
Online
Explore key tactics for red teams across various wireless protocols, including Wi-Fi, Bluetooth, RFID, and more, in this focused talk. Delve into reconnaissance, exploitation, and custom tool development, offering actionable insights for security professionals to elevate offensive strategies in a concise 20-minute presentation.
Summit Talk: In Cloud We Trust: Common M365 Attack Techniques to Bypass Defenses
Online
Ready to learn common attacks to bypass defenses in Microsoft 365? This session will explore techniques used by red teamers to achieve initial access or evade detections.
Summit Talk: Greetings from the Red Team!
Online
During this talk you'll learn how the attack works and why relatively simple techniques are sometimes the best at overcoming advanced defenses. I'll also share the methodology I used to increase my chances of success and make detection as difficult as possible.
Advanced Offensive Tooling w/ Chris Traynor
Online
In the Advanced Offensive Tooling course, you will embark on a journey into the depths of cybersecurity expertise, immersing yourself in advanced techniques and methodologies employed by seasoned offensive operators. The curriculum is meticulously designed to not only sharpen your skills but also elevate your understanding of your toolset. Explore each tool's inner workings, unlock customization options, harness scripting abilities, and learn the art of responsible tool usage.
Enterprise Forensics and Response w/ Gerard Johansen
Online
The Enterprise Forensics and Response course is designed to provide students with both an investigative construct and techniques that allow them to scale incident response activities in an enterprise environment. The focus of the lecture portion of the course work is understanding the incident investigation process, objective-oriented analysis and response, intrusion analysis, and an exploration of attacker Tactics and Techniques.
Network Forensics and Incident Response w/ Troy Wojewoda
Online
Incident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications is no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.
Incident Response Foundations w/ Derek Banks
The goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey, what to prioritize, and why boring stuff like policies and procedures are just as important as technical digital forensics skills.
Defending the Enterprise w/ Kent Ickler and Jordan Drysdale
Online
For the luckiest of enterprises, the awareness of an insecure environment is proven not in public discord after a breach but instead by effective security penetration tests. Time and time again Jordan and Kent have witnessed organizations struggle with network management, Active Directory, organizational change, and an increasingly experienced adversary.
Modern Webapp Pentesting II: Webapp Internals w/ BB King
Online
Modern Webapp Pentesting II: Webapp Internals is written as a follow-up to Modern Webapp Pentesting. This course builds on the fundamentals and gives you experience with how they apply to current problems in web applications.
Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober
Online
As cyber security defenders and investigators, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
HackerOps w/ Ralph May
Online
In this training, we learn the fundamentals of DevOps and how we can code our tactics, techniques, and procedures (TTPs). Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform, Ansible, and Docker with the goal of writing TTPs to use and share.
Introduction to Cybersecurity in Space Systems w/ Tim Fowler
Online
Introduction to Cybersecurity in Space Systems is a course designed to expose cybersecurity professionals to the concepts and implementations of space systems, including the ramifications and impacts security can have on a mission.
Getting Started in Security with BHIS and MITRE ATT&CK w/ John Strand
Online
This 16-hour (4-days, 4-hour sessions) information security training class is designed for people who are new to computer security. We will cover the core fundamentals with lots of hands-on labs demonstrating the attacks and defenses every security professional must know to be successful.
Anti-Cast | Threat Hunting with Velociraptor w/ Eric Capuano & Whitney Champion
Online
In this free one-hour Antisyphon Anti-Cast with Eric Capuano and Whitney Champion, they'll share tips and tricks for getting instant value with Velociraptor, as well as updates they have planned for their next THVR course at Wild West Hackin' Fest!
Professionally Evil API Testing: A Practical Course for Beginners
Online
If you want to learn how to perform security testing on web applications that use application programming interfaces (APIs), this course is for you. APIs are the connective tissue responsible for transferring information between systems, both internally and externally. They are also a common target for cyberattacks, as they can expose sensitive data, application logic, and internal infrastructure.
Anti-Cast | Re-encoding Python Shellcode Execution w/ Joff Thyer
Online
Let's re-encode our shellcode for better success in this free one-hour Antisyphon Anti-Cast, Re-encoding Python Shellcode Execution with Joff Thyer.
Professionally Evil API Testing: AAA and Keys are Not Just for Cars
Online
This course will teach you how to test web APIs for authorization and access control related security flaws. You will learn how to map API functionality, identify authentication and authorization flaws, and exploit common API vulnerabilities. You will also gain hands-on experience with tools and techniques for testing API authorization mechanisms and access control models.
Professionally Evil API Testing: GraphQL, SOAP, and REST Fundamentals and Techniques
Online
Are you interested in learning how to test different types of APIs for quality and security? Do you want to dive into the essential skills and techniques for testing GraphQL, SOAP, and REST APIs? If so, this course is for you! In this course, you will learn the fundamentals of API testing, including what APIs are, how they work, and why they are important. You will also learn the differences between GraphQL, SOAP, and REST APIs, and how they affect the way you test them for flaws and vulnerabilities. You will gain hands-on experience with various tools and frameworks for API testing, such as Postman, SoapUI, and GraphQL Playground.
Breaching the Cloud w/ Beau Bullock
KernelCon2024, 555 S 10th St, Omaha, Nebraska
This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name, you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data and gain a thorough understanding of how to get an initial foothold into a cloud-based organization.
Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs
KernelCon2024, 555 S 10th St, Omaha, Nebraska
The majority of enterprise networks today are managed using Microsoft Active Directory and it is crucial for a security professional to understand the current threats to a modern Windows environment.
The course begins with an overview of Active Directory architecture and how it can be leveraged by attackers to gain access to critical assets. Participants will learn about the various attack vectors and methods used to compromise Active Directory, such as password attacks, service abuse and privilege escalation.
Introduction to Python w/ Joff Thyer
KernelCon2024, 555 S 10th St, Omaha, Nebraska
This course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
Anti-Cast | AWS Cloud: DevSecOps Essentials w/ Andrew Krug
Online
Join us for a free one-hour Antisyphon Anti-Cast with instructor Andrew Krug, as he explores the fundamentals of DevSecOps as they relate to the AWS Cloud.
Introduction to PCI (PCI 101) w/ Nathan Sweaney
Online
This course is designed to introduce IT professionals to the Payment Card Industry collection of standards as defined and enforced by the Payment Card Industry Security Standards Council. The first half of the course summarizes the structure and history of PCI, the primary standards documents, and the various certification programs for professionals. The second half of the course dives into a summary of the components of the PCI Data Security Standard (PCI DSS). This is a high-level, introductory summary designed to provide a general understanding of the requirements in the PCI DSS.
Anti-Cast | Secure Ideas Foundational Application Security Training w/ Bill McCauley
Online
Join us for a free one-hour Antisyphon Anti-Cast with Bill McCauley, as he dives into the realm of application security from Secure Ideas' foundational training class.
Foundational Application Security Training (FAST) w/ Bill McCauley
Online
The Foundational Application Security Training (FAST) course is a 4-hour Pay What You Can class focused on explaining the fundamentals of applications and their security. This lecture-focused class is designed to allow managers, product owners, support staff and non-developers to understand application security. This lecture includes what makes up the various modern application technologies, the application development process, what vulnerabilities and risks are exposed via applications and how the attacks happen.
Anti-Cast | Hands on with the NIST Cybersecurity Framework 2.0 w/ Nathan Sweaney
Online
In this free one-hour Antisyphon Anti-Cast, instructor Nathan Sweaney will explore the NIST Cybersecurity Framework 2.0 and practical applications for measuring your cybersecurity posture.
Getting Started in Packet Decoding w/ Chris Brenton
Online
One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.
Anti-Cast | Operationalizing Threat Intelligence w/ Derek & Troy
Online
Join us for a free one-hour Antisyphon Anti-Cast, with instructors Derek Banks and Troy Wojewoda, to gain insight on how they both produce and use various forms of threat intel at Black Hills Information Security (BHIS).
Anti-Cast | Learning from Macedonia: How InfoSec Fails Spawn from Sales & Marketing w/ John Strand and Kevin Johnson
Online
Join us for a free one-hour Antisyphon Anti-Cast, with John Strand and Kevin Johnson. Learn how exaggeration undermines trust and efficiency.
Anti-Cast | Security Split: Divorcing Your Stack w/ Alissa Torres
Online
So your security team is convinced it needs to graduate to the newest "best" enterprise security tool, I get it. But for most, this type of architecture shift requires careful planning and implementation. For legacy tools, you probably made concessions during onboarding, accepted risks and grew product-specific dependencies. Join us for a free one-hour Antisyphon...
Antisyphon Training @ BSides Fort Wayne 2024
Online
Antisyphon Training will be at BSidesFortWayne in Fort Wayne, IN, this May!
Modern Webapp Pentesting II: Webapp Internals w/ BB King
Skyline/Ash Brokerage Building, 888 S. Harrison St. #500, Fort Wayne, IN, United States
Modern Webapp Pentesting II: Webapp Internals is written as a follow-up to Modern Webapp Pentesting. This course builds on the fundamentals and gives you experience with how they apply to current problems in web applications.
Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs
Skyline/Ash Brokerage Building, 888 S. Harrison St. #500, Fort Wayne, IN, United States
The majority of enterprise networks today are managed using Microsoft Active Directory and it is crucial for a security professional to understand the current threats to a modern Windows environment.
The course begins with an overview of Active Directory architecture and how it can be leveraged by attackers to gain access to critical assets. Participants will learn about the various attack vectors and methods used to compromise Active Directory, such as password attacks, service abuse and privilege escalation.
Anti-Cast | 60min Crash Course into Infosec w/ Bill McCauley
Online
Join us for a one-hour Antisyphon Anti-Cast with instructor Bill McCauley from Secure Ideas, as he dives into a high-level webapp pentest walkthrough, covering recon, mapping, reporting, and more, with access to a hosted SamuraiWTF environment.
Active Defense & Cyber Deception w/ John Strand
Online
In this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.
Anti-Cast | Threat Models, Landscape, and Profiles OH MY w/ Wade Wells
Online
This free one-hour Antisyphon Anti-Cast with instructor Wade Wells offers an insightful overview of cyber threat landscaping, threat modeling, and threat profiling.
SOC Core Skills w/ John Strand
Online
This 16-hour information security training course will cover the core security skills all Security Operation Center (SOC) analysts need to have. These are the skills that all Black Hills Information Security (BHIS) SOC team members need to have.
Professionally Evil Application Security (PEAS): Mastering Application Reconnaissance and Mapping
Online
Embark on a journey into the world of web security with Mastering Application Reconnaissance and Mapping. As part of the Professionally Evil Application Security series, this course focuses on the crucial aspects of reconnaissance and mapping within the application penetration testing methodology. Whether you're a seasoned professional or a curious newcomer, this course will equip you with the foundational knowledge and practical skills to assess web applications against potential vulnerabilities.
Anti-Cast | Offensive Wireless for Red Teams w/ Alex Sanders
Online. Join us for a free one-hour Antisyphon Anti-cast with Alex Sanders, as he discusses the differences between penetration testing and red team operations, applications of various wireless protocols in the enterprise, and showcases tooling for attackers and defenders alike.
Professionally Evil Application Security (PEAS): Unveiling Server-Side Discovery and Exploitation
Online. Welcome to the world of application security, where you'll unravel the hidden flaws lurking within server-side portions of web applications. Join us for the second course in the Professionally Evil Application Security series.
Professionally Evil Application Security (PEAS): Mastering Client-Side Flaws and Exploitation
Online. Embark on the finale of our Professionally Evil Application Security series with our course, Mastering Client-Side Flaws and Exploitation. In this session, you'll uncover the secrets of client-side vulnerabilities and learn how to secure web applications against potential threats.
Anti-Cast | Realistic End-to-End Attacks & Detective Controls w/ Jeff McJunkin
Online. Jeff reveals the five ways outside attackers gain internal access and outlines three core defender objectives: reducing initial access, lowering detection and response time, and slowing down the attackers. Discover actionable insights through three live, realistic breach demonstrations into detective controls and slowing down attackers.
Anti-Cast | How to Forge Fake News and Spawn Flawless Phisheries w/ Michael Allen
Online. Anyone (and we mean anyone) can create perfect forgeries of trusted websites and use them to spread misinformation, conduct phishing attacks, or worse. In this webcast we explore the topic two ways: Part 1: For Blue Team Beginners, Family, and Friends and Part 2: For red teamers,
Getting Started in Security with BHIS and MITRE ATT&CK w/ Patterson Cake
Online. This 16-hour (4-days, 4-hour sessions) information security training class is designed for people who are new to computer security. We will cover the core fundamentals with lots of hands-on labs demonstrating the attacks and defenses every security professional must know to be successful.
Anti-Cast | What Game of Thrones Can Teach Us About Cybersecurity with Dr. Gerald Auger
Online. Drawing from two decades in the cybersecurity arena, this presentation delves deep into the parallels between the worlds of "Game of Thrones" and today's cyber ecosystems. Just as the Houses of Westeros must continuously adapt to political and martial threats, organizations today must be agile in response to an ever-evolving cyber landscape.
Incident Response Summit
Online. Are you prepared to handle a business email compromise? What about a large-scale breach? Confused about the processes and technologies you need to have in place to be successful? How about the personnel and their respective roles to execute various IR procedures?
Come join us at the Incident Response Summit and stay for the two-day training session. Learn how to get started on your journey!
Summit Talk: How I started my summer vacation: Navigating My First Incident in the Cloud w/ Josh Hankins
In this presentation, I’ll share my firsthand experience managing an event entirely based in the cloud. Buckle up for “The Good, The Bad, and The Ugly” as we explore the highs and lows of this event from summer of 2021. Along the way, I’ll detail valuable lessons learned and discuss what we could have done differently with the benefit of hindsight. Let’s turn hindsight into foresight and elevate our cloud security defense game. Attendees will leave with actionable takeaways to optimize their own incident-response plans so your summer vacation will be memorable for the right reasons.
Summit Talk: Incident Response as a Recovering Pentester w/ Alper Basaran
This talk aims to cover specific skills penetration testers have which can be useful for all six steps of incident response. This talk also covers some specific functions of security, such as threat modeling and source code analysis, which, once integrated in the SOC process, will help all organizations be better prepared for incidents.
Summit Talk: Dungeons & Dragons: The security tool you didn’t know you needed w/ Klaus Agnoletti
https://www.antisyphontraining.com/event/summit-talk-navigating-the-shadows-incident-response-in-the-age-of-dark-web-tactics-2/
Summit Talk: Demystifying AWS Incident Response: A Practical Perspective w/ Monty Shyama
This presentation will include an EC2 instance compromise use case: how we take an EBS snapshot, how we take a memory snapshot, how we isolate the instance using security groups, etc., and how we use Systems Manager to automate various aspects of this workflow.
Finally, let’s talk about the AWS Incident Response Framework available on GitHub: what challenges it solves, how we deploy it, what the architecture looks like, etc.
Summit Talk: Navigating the Shadows: Incident Response in the Age of Dark Web Tactics w/ Matthew Maynard
The talk discusses incident response strategies, detection and benefits of dark web threat intelligence. Attendees will leave equipped with practical insights and actionable steps to fortify their defenses against dark web-enabled cyber threats, safeguarding their organizations' digital assets and resilience in the face of evolving cyber risks.
Summit Talk: The Million-Dollar CEO Fraud: Anatomy of a Business Email Compromise w/ Damien Miller-McAndrews
In this summit talk Damien Miller-McAndrews will go over the incident timeline from start to finish, discussing the techniques, tactics, and procedures utilized by the threat actor throughout the incident. Come for the war story, stay for the vital information on BEC incident response, a topic that many defenders and IR professionals are ill-prepared for.
Summit Talk: Dumpster Fires: 3 things about IR I learned by being a firefighter w/ Catherine Ullman
In this summit talk, Catherine Ullman, a veteran firefighter, will explore parallels between firefighting and incident response. Learn to balance swift action with strategic reflection, and gain insights into effective security practices. Don't miss this chance to enhance your incident response strategy with Ullman's expertise.
Summit Talk: What’s In the Box w/ James Bierly
In this talk we will learn about techniques that can be employed to protect small businesses that lack a dedicated IT presence. This will include both proactive and reactive measures.
We will dive into deploying and using the Elastic Stack and Sysmon to provide post-incident telemetry without a lot of hassle for the business, and configure Microsoft Defender and the Edge browser to provide a low-cost solution to endpoint defense.
Finally, we will “sprinkle the network with pocket litter” by deploying Canary Tokens to help detect both external and internal threats to the network and data.
Cyber Threat Intelligence 101 w/ Wade Wells
Online. The course provides a comprehensive overview of the CTI field and is perfect for anyone who wants to understand the importance of CTI and how it is used to protect organizations from cyber threats. By the end of the course, you will have a strong foundation in CTI and be able to contribute to an organization’s cyber security efforts.
Network Forensics and Incident Response w/ Troy Wojewoda
Online. Incident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications are no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.
Cyber Security Incident Command w/ Gerard Johansen
Online. Students will be guided through managing a cyber security incident through a combination of instructions and practical exercises that will leverage IR tools and techniques. The focus will be on specific decisions and actions that take place during an incident, how to coordinate strategic, operational, and technical teams, addressing crisis communications, and getting the organization back to normal.
Incident Response Foundations w/ Derek Banks
Online. The goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey, what to prioritize, and why boring stuff like policies and procedures are just as important as technical digital forensics skills.
Advanced Endpoint Investigations w/ Alissa Torres
For most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data.
Linux Disk Forensics w/ Hal Pomeranz
Online. This 16-hour, hands-on course is a quick start into the world of Linux forensics. Learn how to use memory forensics to rapidly triage systems and spot attacker malware and rootkits. Learn where the most critical on-disk artifacts live and how they can help further an investigation. Rapidly process Linux logs and build a clearer picture of what happened on the system.
Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober
Instructor: Markus Schober. Course Length: 16 Hours. This class is part of the Incident Response Summit. Registration for any Incident Response Summit class includes registration for the summit and all of its presentations, talks, and streams. Course Description: As a cyber...
Attack-Detect-Defend (ADD) w/ Kent Ickler and Jordan Drysdale
Instructor: Kent Ickler and Jordan Drysdale. Course Length: 16 Hours. This class is part of the Incident Response Summit. Registration for any Incident Response Summit class includes registration for the summit and all of its presentations, talks, and streams. Course Description...
Red Team Initial Access w/ Michael Allen
Instructor: Michael Allen. Course Length: 16 Hours.
Class dates and times:
Monday, June 24th, 2024: 11:00 AM - 4:00 PM ET
Tuesday, June 25th, 2024: 12:00 PM - 4:00 PM ET
Wednesday, June 26th, 2024: 12:00 PM - 4:00 PM ET
Thursday, June 27th, 2024: 12:00 PM - 4:00 PM ET
Course Description: This new course has been completely rebuilt from the ground...
Breaching the Cloud w/ Beau Bullock
This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.
Anti-Cast | Get an Epic Cyber Education for Free (almost)! w/ Carrie Roberts
Online. Join us for a free one-hour Antisyphon Anti-cast with Carrie as she shares her recommended list of resources as well as other low cost training options.
Lastly, she will give hints on how to get a college degree quickly and at minimal cost, while earning more than 10 cyber certifications at the same time!
Professionally Evil API Testing: A Practical Course for Beginners
Online. If you want to learn how to perform security testing on web applications that use application programming interfaces (APIs), this course is for you. APIs are the connective tissue responsible for transferring information between systems, both internally and externally. They are also a common target for cyberattacks, as they can expose sensitive data, application logic, and internal infrastructure.
Cyber Security Incident Management w/ Gerard Johansen
He'll show you the operational and strategic decision making that takes place during an incident. Specifically, he'll cover the critical role that the Incident Commander plays in leading an organization through an incident. He'll detail the eight-phase Incident Response Leading Procedures, covering the key tasks for the Incident Commander, CSIRT, and other personnel to restore...
Professionally Evil API Testing: AAA and Keys are Not Just for Cars
Online. This course will teach you how to test web APIs for authorization and access control related security flaws. You will learn how to map API functionality, identify authentication and authorization flaws, and exploit common API vulnerabilities. You will also gain hands-on experience with tools and techniques for testing API authorization mechanisms and access control models. By the end of this course, you will be able to:
Professionally Evil API Testing: GraphQL, SOAP, and REST Fundamentals and Techniques
Online. Are you interested in learning how to test different types of APIs for quality and security? Do you want to dive into the essential skills and techniques for testing GraphQL, SOAP, and REST APIs? If so, this course is for you! In this course, you will learn the fundamentals of API testing, including what APIs are, how they work, and why they are important. You will also learn the differences between GraphQL, SOAP, and REST APIs, and how they affect the way you test them for flaws and vulnerabilities. You will gain hands-on experience with various tools and frameworks for API testing, such as Postman, SoapUI, and GraphQL Playground. By the end of this course, you will be equipped to:
Active Defense & Cyber Deception w/ John Strand
Online. In this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.
Practical Physical Exploitation w/ Ralph May and Travis Weathers
Tampa, Florida, United States. The Practical Physical Exploitation Course is designed to provide you with everything needed to sell and execute physical security assessments. The key word here is PRACTICAL; everything covered in this course is what you need to know to be successful on your first solo assessment.
Anti-Cast | Getting Started in Geospatial Intelligence (GEOINT) w/ Mishaal Khan
Online. Join us for a free one-hour Antisyphon Anti-cast with instructor Mishaal Khan that will open your eyes and explore the dynamic realm of GEOINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos.
Securing Speed: Safeguarding CI/CD Pipelines for Robust Software Delivery w/ Andrew Krug
Online. Join us for a free one-hour Antisyphon Anti-cast, with instructor Andrew Krug, where he’ll explain best practices for CI/CD, detail common pitfalls, and get hands-on with GitHub Actions + Cloud Providers.
Attendees will gain a high level understanding of what Kubernetes is (without any pre-existing Kubernetes knowledge) and learn how to effectively hack into a real Kubernetes cluster (uh... with permission of course).