Wild West Hackin' Fest 2019

10:00am - Nick Roy: OSINT and the Hermit Kingdom. Leveraging online sources to learn more about the worlds most secret nation.

10:45am - Marcus W Tonsmann: DoH (DNS over HTTPS) for attackers and defenders
DoH is coming. This talk will prepare you by covering the basics of the protocol, available tools for testers, and techniques being leveraged by real adversaries. Proactive defensive measures will also be discussed, with an eye towards the future.

11:30am - Robert Hawes: Enumerating Userland Applications Attack Surface on Windows
This presentation will cover how to perform attack surface enumeration concerning windows userland applications. Inside the domain of vulnerability research, many different methodologies exist for how a researcher may start their journey with auditing an application. This presentation will provide information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system.

1:00pm - Kelly Whitaker: Hacking Pioneers, Breaking through the stigma of influential advertising
This presentation will challenge the way you think about those who are in the computer science industry.

1:45pm - Ryan Stalets: Abusing AWS Architecture (and How to Defend It)
Amazon Web Services (AWS) offers many architecture features which improve application performance and make it easier to deploy applications. This talk will look at two AWS architecture features which can be abused to hide C2 traffic and compromise application code and infrastructure. We will also discuss these features from a "prevent, detect, respond" perspective with a special emphasis on detection and response actions for SOC/IR teams.

2:30pm - Serenity Smile: Fortify Yourself First: Personal Cybersecurity Distilled
As a cybersecurity professional, are you doing the best you can to protect
yourself and your family first? This talk will thoroughly distill the latest research and provide a
practical cheat sheet for what you need to do NOW to mitigate risks as a user of cyberspace.

3:15pm - Nicholas Childs: Aircraft avionics primer for hackers

4:00pm - James Arnold: Configuring Malleable C2 for Threat Emulation and Opsec Safe(ish) Payloads
This talk will start by showing the options of Cobalt Strike’s Malleable C2 Profiles. Next, we will go through the process of getting information from malware analysis reports to mimic malware for use in testing detection systems and/or use in Purple Team projects. Finally, we will go through options for creating a more Opsec safe(ish) profile.

9:00am - Branden Miller - Email header analysis... the hard way
There is a treasure trove of data that one can get from email headers. Many tools provide this data in easy to read formats automatically, but, to fully understand what is going on, one must understand the types of data. This talk will introduce the data, help the user synthesize the data, and turn it into intelligence.

9:20am - Frank Vianzon - Anatomy of a phishing attack
Per the Verizon Breach Report of 2018, phishing is on the rise. In this talk we will look at a few really good phishing e-mails that I received and break down how to recognize it, how to protect yourself against it and how to perform a basic analysis of what the phishing e-mail is doing using the Burp Proxy Suite

9:40am - Heather Lawrence - Higher Ed and the Infosec Skills Gap
Some 37% of the 2018 ISC2 Workforce Study indicated that they were concerned about the lack of skilled cybersecurity personnel while almost 60% indicated that their organization is at risk due to the staff shortage. This talk discusses the current availability and quality of infosec higher education, how few institutions are preparing their students with the skills they need, and effective training methods that organizations can use to bridge the gap in-house.

10:00am - Bob Hewitt - Our Adventure with an Awareness Training Escape Room
Are you as tired of Annual Awareness Training as your users are? It might be time to change up your approach to Security Awareness Training with some gamification. Escape Rooms can be fun and a great opportunity for team building while demonstrating your Information Security Awareness objectives. Participants are faced with a series of scenarios that require actions that reflect your organizations policies, procedures and best practices.

10:20am - Josh Fu - The Real Deal about AI
Artificial Intelligence(AI) is impacting our world in previously unimaginable ways and vendors love to say they use it. But how does it really work? If you are looking for the real deal about this industry buzzword, this is the talk for you. We will cover the history of this incredibly innovative technology, what it is and what it is not, the steps required to produce a solution, the subfields that make up AI, how various industries are using it, and at the end of the presentation provide the reference list for you to dive deeper into this next generation field and get started for yourself.

10:40am - Bronwen Aker - URL Hacking - How to Cut the Tracking Cruft
Have you ever read a web page and wondered what all that weirdness in the URL means? It’s not rocket science, but there is madness behind the method of how those URLs are put together, and you can learn how to use it to your advantage. Hidden in plain view are the tracking codes companies like Google, LinkedIn, Amazon, and others use to track where you go online and how you got there. Trimming those codes from your URLs is easy, makes your links friendlier, and prevents would-be online trackers and their marketing masters from keeping tabs on you. Come along as we hack some URLs so you can clean that marketing malware from the links you use and share with others.

11:00am - Edward Ruprecht - When logging everything becomes an issue
Discussing potential issues with logging Sysmon and PowerShell logs. Potential sensitive data leakage, best practices, and scalability issues.

11:20am - Josh Rykowski - Gamification and Andragogy - A Match Made for Workforce Empowerment
In this talk I discuss the series of trials and tribulations faced when developing a programming competition aimed at energizing a large (approximately 700 individuals) existing employee population within our organization and trying to stoke their excitement about learning how to script and program.

1:00pm - Heath Adams - What I Learned After a Year as a Cybersecurity Mentor
Cybersecurity professionals are life-long learners. We put in our 40+ hours a week at work, but it never ends there. The field is constantly changing. Every day, something new comes out. A new exploit. A new patch. New software. A tactic that worked yesterday might no longer work today. Because of this constant state of metamorphosis, a cybersecurity pro is always studying. We are reading news articles. We are catching up on Twitter. We are working on certifications, on a CTF, or whatever it is that keeps our endorphins escalated. We never stop.

Many people come in seeing the sexy, only to bail when they realize the level of effort needed to succeed. In my belief, this is why we have (and always will have) a shortage in the field. This talk will provide guidance and resources available to network, find jobs and succeed in the field of cybersecurity.

1:20pm - Bruce Norquist - STRIDE Threat Model of a Cloud Application & Associated Cloud Baggage
This presentation is on a generic SAAS application and associated Cloud Stack’s Threat Model.
The central theme of this discussion uses VISIO drawings of the SAAS, PAAS, and IAAS and the related STRIDE set of threats.

STRIDE is a model of threats developed by Praerit Garg and Loren Kohnfelder at Microsoft for identifying computer security threats. It provides a mnemonic for security threats in six categories.
The threats categories are:
•    Spoofing of user identity
•    Tampering
•    Repudiation
•    Information disclosure (privacy breach or data leak)
•    Denial of service (D.o.S)
•    Elevation of privilege