Trainings 2022

Get Your Training Tickets Here!

Training Location: Rochester Institute of Technology, 1 Lomb Memorial Drive, Rochester, NY, 14623, United States

Specific classroom details will be sent to ticket holders.

The following workshops will be offered on Friday, the day before the main conference:

Date: Fri, March 18, 2022

| Track | 8AM - 12PM | 1PM - 5PM |
|-------|------------|-----------|
| 1 | Alternative & Advanced Search Engine Intelligence (ASSEI) | A Survey of Linux Forensic Techniques |
| 2 |  | Intro to Threat Hunting: A Hands on Blueteam Battleground! |
| 3 | Tactical Windows Forensics | Tactical Windows Forensics (Cont.) |
| 4 |  | Introduction to Cryptocurrency Investigations (ICI) |

NOTE: All classes require a laptop


A Survey of Linux Forensic Techniques

Length: 4 hours

Instructor: Jared Stroud

According to recent industry reports, Linux-focused malware has grown in the past year by over 30%. With the rise in Cloud Computing it’s no surprise that attackers are looking beyond traditional Windows environments to profit off of illicit access. Students will be provided with a "compromised" disk image, which they will analyze to extract and identify IoCs and triage post-compromise activity on the targeted machine. This course will focus on how to triage Linux malware and analyze the different ATT&CK-mapped TTPs that Linux malware commonly uses. From capturing memory dumps to network traffic analysis, we’ll explore different techniques to enable DFIR response practices in a fun, CTF-styled environment. Students will be required to bring their own laptops; a Vagrant file will be provided to provision the environment (VirtualBox). Experience with the Linux command line and introductory experience with x86/x86_64 assembly are recommended.

Price: $20


Alternative & Advanced Search Engine Intelligence (ASSEI)

Length: 4 hours

Instructor: Joe Gray

Alternative & Advanced Search Engine Intelligence (ASSEI) is a fast-paced course to amplify students’ existing OSINT/intelligence and search engine knowledge. The course will introduce students to non-Google, regional, and specialized search engines, then walk students through advanced Google dorking with relevant real-world scenarios rooted in offensive security, defensive security, and intelligence.

This course counts toward The OSINTion Black Badge.

Price: $80.

Student Price: $50 (with .edu address).


Introduction to Cryptocurrency Investigations (ICI)

Length: 4 hours

Instructor: Joe Gray

Introduction to Cryptocurrency Investigations (ICI) is a foundational course that helps students with zero knowledge of cryptocurrency and blockchain gain a basic comprehension of the technologies before being thrust into introductory investigation techniques using free tools.

This course counts toward The OSINTion Black Badge.

Price: $80.

Student Price: $50 (with .edu address).


Tactical Windows Forensics

Length: 8 hours

Instructor: Tyler Hudak

This class will take students through multiple labs that are designed to teach them key Windows forensics skills. Unlike other courses, students will start with the labs and learn by doing.

Computer forensics is a skill that is widely in demand and with good reason. As organizations obtain more visibility into their environments, more compromises are detected and the need to determine what happened grows.

In my experience, skills are learned faster by doing rather than watching. Therefore, this course will be taught differently than most in that it is solely composed of labs. Participants will work through a number of exercises where they analyze various aspects of Microsoft Windows using computer forensics on one or more compromised systems. Each lab will start with a brief introduction, followed by the lab itself. After an allotted time has passed, the techniques used to analyze the system and answer the questions will be discussed.

Sample skills that will be utilized in the labs include analyzing logs, the file system, the registry, and memory. In addition to the class labs, students will be given additional labs to perform on their own and at their own pace. This course is designed for those with different Windows forensics skill levels - from beginners to experts, so there will be challenges for everyone. However, labs chosen will be tailored to the overall skill level of the class.

Course requirements:

Students should bring a laptop with two VMs:

  • One Windows VM
  • One forensic VM (https://tsurugi-linux.org/ is good)

VM software should be able to take snapshots.

All other materials will be supplied.

Price: $50.


Intro to Threat Hunting: A Hands on Blueteam Battleground!

Length: 4 hours

Instructor: Adam “Abe” Abernethy

This interactive classroom involves learning the basics of using a SIEM. From there we’ll quickly advance to running simulated attacks (or real attacks if you want!) on a Windows Server.

As we progress through the training and labs, we’ll escalate into more and more difficult attacks to detect, discuss what they are doing to a system and different ways to detect the attacks.

Abe's classrooms are always incredibly serious, no funny business, no squirrels, no hair-metal, and ABSOLUTELY NO GIGGLING.

The entire cyber battleground will be provided through hosted virtual machines - just bring a laptop with some internet juice!

Price: $25.