Antisyphon
- Events
- Antisyphon
Anti-Cast | How to Use “Leaky Vessels” for Container Escape in Kubernetes w/ Jay Beale
OnlineJoin us for a free one-hour Antisyphon Anti-Cast, with instructors Derek Banks and Troy Wojewoda, to gain insight on how they both produce and use various forms of threat intel at Black Hills Information Security (BHIS).
Anti-Cast | Intro to Software Defined Radio (SDR) for Space Signals Analysis w/ Tim Fowler
OnlineIn this free one-hour Antisyphon Anti-Cast, Tim Fowler - Black Hills Information Security: Security Analyst, will explore the versatile world of software-defined radio (SDR) and its application in satellite communication.
Anti-Cast | Radioactive Vulnerabilities-Learn Secure Coding w/ Jennifer Shannon and Kathy Collins
OnlineTune in to 'Radioactive Vulnerabilities - Learn Secure Coding,' a free one-hour Antisyphon Anti-Cast that shares the tragic story of the Therac-25 radiation therapy incidents and how those incidents can teach us the significance of security testing before technology deployment.
Summit Talk: Less but Better: Lessons Learned From Red Teaming Esoteric Environments
Talk Length: 20-25 minutesTuition: free Pricing: Location: Talk Description As the technology we rely on to build our businesses increases in complexity, it is requiring more specialized knowledge of how to deploy, administer, and secure it. Unfortunately this increasing of technological complexity presents a unique problem to those of us on the red team: how do...
Summit Talk: Evasive Facility Breach: From Ingress to Egress in 15 Minutes or Less
OnlineDive into the world of efficient and effective evasive physical red teaming. This presentation offers a condensed glimpse into key elements covered in the full Practical Physical Exploitation course, providing attendees with insights to navigate assessments with minimal exposure while eliciting jaw-dropping client reactions. Explore topics such as Gear, Remote Recon & On-site Surveillance, Threat Profiling, Off-site Operations, and Facility Access. Join this high-impact learning experience that equips you to elevate your physical penetration testing skills. Get ready to drink from the firehose and possibly walk away with a new look at evasive facility breach tactics.
Summit Talk: Bypass Like It’s 1999: Decades of Fraggles, Doozers, and Desync
OnlineDance your cares away! Let's put on our denim jacket and bucket hat, cue up our The Prodigy CD, login to our RedHat Linux 6.0 appliance, and fire up Snort 1.2.1 to see if our shiny new Perl exploit gets caught! Should we share this out on Bugtraq or save it for a rainy day?
Summit Talk: How to annoy your colleagues, lose friends and throw away your social life: Bypassing EDRs
OnlineHow we come up with ideas, test them, annoy the Service Desk and our security colleagues by either swamping them with false alerts, doing silly things like encoding, block the process on windows firewall, dazzle the MSP at the same time and so on.
Summit Talk: Less but Better: Lessons Learned From Red Teaming Esoteric Environments
OnlineIn this talk I will discuss some of the unique challenges I have run into, the often surprising solutions I've discovered, as well as the techniques I use when approaching new highly complex environments that allow me to demonstrate risk without spending all of my allotted time researching the intricacies of each technology in play
Summit Talk: The Offensive Odyssey: A Deep Dive into Bypass Techniques
OnlineThis presentation will explore the various bypass techniques used by attackers, detailing the most effective and creative ways to breach security measures. The focus of the presentation will be to provide practical examples and challenges that can be implemented to gain a real understanding of these techniques. Participants will learn how to assess weaknesses and bypass restrictions on different platforms and operating systems, including those commonly found in enterprise environments.
Summit Talk: Wireless for Red Teams
OnlineExplore key tactics for red teams across various wireless protocols, including Wi-Fi, Bluetooth, RFID, and more, in this focused talk. Delve into reconnaissance, exploitation, and custom tool development, offering actionable insights for security professionals to elevate offensive strategies in a concise 20-minute presentation.
Summit Talk: In Cloud We Trust: Common M365 Attack Techniques to Bypass Defenses
OnlineReady to learn common attacks to bypass defenses in Microsoft 365? This session will explore techniques used by red teamers to achieve initial access or evade detections.
Summit Talk: Greetings from the Red Team!
OnlineDuring this talk you'll learn how the attack works and why relatively simple techniques are sometimes the best at overcoming advanced defenses. I'll also share the methodology I used to increase my chances of success and make detection as difficult as possible.
Advanced Offensive Tooling w/ Chris Traynor
OnlineIn the Advanced Offensive Tooling course, you will embark on a journey into the depths of cybersecurity expertise, immersing yourself in advanced techniques and methodologies employed byseasoned offensive operators. The curriculum is meticulously designed to not only sharpen your skills but also elevate your understanding of your toolset. Explore each tool's inner workings, unlock customization options, harness scripting abilities, and learn the art of responsible tool usage.
Defending the Enterprise w/ Kent Ickler and Jordan Drysdale
OnlineFor the luckiest of enterprises, the awareness of an insecure environment is proven not in public discord after a breach but instead by effective security penetration tests. Time and time again Jordan and Kent have witnessed organizations struggle with network management, Active Directory, organizational change, and an increasingly experienced adversary.
Modern Webapp Pentesting II: Webapp Internals w/ BB King
OnlineModern Webapp Pentesting II: Webapp Internals is written as a followup to Modern Webapp Pentesting. This course builds on the fundamentals and gives you experience with how they apply to current problems in web applications.
Ransomware Attack Simulation and Investigation for Blue Teamers w/ Markus Schober
OnlineAs a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
HackerOps w/ Ralph May
OnlineIn this training, we learn the fundamentals of DevOps and how we can code our tactics, techniques, and procedures (TTPs). Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share.
Breaching the Cloud w/ Beau Bullock
KernelCon2024 555 S 10th St, Omaha, NebraskaThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.
Antisyphon Training @ BSides Fort Wayne 2024
OnlineAntisyphon Training will be at BSidesFortWayne this Fort Wayne, IN, this May!
Modern Webapp Pentesting II: Webapp Internals w/ BB King
Skyline/Ash Brokerage Building 888 S. Harrison St. #500, Fort Wayne, IN, United StatesModern Webapp Pentesting II: Webapp Internals is written as a followup to Modern Webapp Pentesting. This course builds on the fundamentals and gives you experience with how they apply to current problems in web applications.
Hacking Active Directory: Fundamentals and Techniques w/ Dale Hobbs
Skyline/Ash Brokerage Building 888 S. Harrison St. #500, Fort Wayne, IN, United StatesThe majority of enterprise networks today are managed using Microsoft Active Directory and it is crucial for a security professional to understand the current threats to a modern Windows environment.
The course begins with an overview of Active Directory architecture and how it can be leveraged by attackers to gain access to critical assets. Participants will learn about the various attack vectors and methods used to compromise Active Directory, such as password attacks, service abuse and privilege escalation.