B-SIDES TAMPA 2020 TRAINING CATALOG
Friday, February 28, 2020
Embassy Suites - USF (3705 Spectrum Blvd, Tampa, Fl. 33612)
tDCS & Bio-Hacking
Instructor: Jen S.
Time: 3:00 till 5:00
Are you biohacking curious and want to learn more? Or maybe you’re a hardware hacker who is looking for some new tech to create? Learn about the world of biohacking while getting some hands-on experience with transcranial Direct Current Stimulation (tDCS) devices that will allow you to take power over your own brain patterns through safe electrical stimulation. A limited number of kits will be available for you to take home and solder (instructions provided) so that you too can empower yourself with brain stimulation-based biohacking. We will also have other biohacking products and information to share, ranging from CRISPR/CAS9 gene editing to medical device security. If you’re a tinkerer, maker, hacker, or breaker, then you won't want to miss this opportunity. For the best possible experience, bring your soldering iron and materials, and an open mind, and see how the world of biohacking can help you hack your way to better living and a new security mindset.
As part of the biohacking group Vagabond Banana, Jen and Darren have explored topics including quantified-self, nootropics, implants, genomics, sensory augmentation, and neurostimulation. Together, they have presented material covering biohacking basics, personal genomics, and transcranial Direct Current Stimulation at multiple conferences including DEFCON, BDYHAX, and BSides.
Cloud Forensic
9:00 AM till 6:00 PM
Instructor: Kerry Hazelton
The Cloud. Businesses leverage its capabilities for multiple purposes including storage and computing. Developers use it to create and host their applications. Even popular MMOs are making the move to the Cloud to balance heavy workloads when demand is high. While cloud computing offers many benefits including significant cost savings, there are still key questions which need to be addressed: What happens if a Cloud environment was breached? What is the impact? Also, how does one conduct a forensics investigation in the Cloud?
The Cloud Forensics Challenge team (@Cloud4n6) is excited to bring to B-Sides Tampa their latest version of the training workshop and CTF Challenge. While this will not be a deep dive into any one specific Cloud Service Provider, based on feedback from prior conferences including BSidesDC, BSides Kansas City, BSides Charm and HOU.SEC.CON, they will now be focusing the workshop phase on demonstrating some of the tools and techniques used in a cloud-based digital forensics investigation. In the CTF phase, students will be placed into teams and go head-to-head to solve challenges and brain teasers as they search for "flags" on the digital image of a Cloud-based server and redeem them to earn points and win some sweet gear!
Students will need the following software installed either on their local machines or on a VM: Wireshark, TSK/Autopsy, Volatility or other memory analysis tool, OllyDBG or other reverse engineering tool, StegoMagic or other steganography tool. Also, bookmark some cipher webpages. Alternatively, students may spin up a machine in AWS, Azure, or GCP to handle the workload.
The forensic image will be made available solely to registered students no later than one week prior to the workshop to allow for uploading and ingestion into the forensic software.
Any general questions regarding the workshop may be sent directly to the Cloud Forensics Challenge team at Cloud4n6Challenge (at) gmail (dot) com.
Kerry Hazelton’s (@M1sT3R_K1Lr0Y) career across Information Technology and Security has spanned over two decades, and with it he has developed considerable experience with systems and network support, data center operations, and information security. As such, he considers himself a “cybersecurity enthusiast” due to his desire and motivation to read up on the latest trends within the industry, to learn about a new exploit or tool, or his willingness to teach and share with others his experiences over the years. He is the creator of the Cloud Forensics Challenge, which is an all-day technical workshop and CTF competition that focuses on learning about the science of cloud forensics and its real-world applications to test students' comprehension and their skills.
OSINT
9:00 AM till 6:00 PM
Instructor: Joe Gray
In this 8-hour Open Source Intelligence (OSINT) workshop, we will begin with a fundamental understanding of OSINT. We will also discuss the legal and ethical considerations of the collection and destruction of OSINT data. From here, we will discuss the offensive and defensive applications of OSINT information. In the next modules, we will discuss People OSINT and Business OSINT as they relate to offensive attacks. We will wrap up with a 2-hour CTF.
Hour 1: Intro to Class
- Course Flow
- Expectations
- Technical Set Up Period for those with issues
- Operating system
  - Kali
  - Buscador
  - Linux
- API Keys
- Tools
Hour 2: Intro to OSINT
- Introduction to Open Source Intelligence (OSINT)
- Types of OSINT
  - Business OSINT
  - People OSINT
  - OSINT for Threat Intelligence
- Source of OSINT
- Ethical and Legal considerations
- Specialized Operating Systems
  - Kali
  - Buscador
- Collection Considerations
- Securing the Data Collected
Hour 3: People OSINT
- Collection Considerations
- Scoping
- Adversary Profile
- What to collect?
- Platforms
  - Social Media
  - Business Filings
  - Public Records
  - Email Addresses
  - Genealogy websites
- Parsing the data for relevance
Hour 4: People OSINT Lab
- Part 1 (15 min): Collect OSINT about you and your family
- Part 2 (45 min): Using assigned company, collect flags from the instructor on C-Suite of the company
Lunch
Hour 5: Business OSINT
- Review and Free Question Period
- Introduction to Business OSINT
- Collection of Business OSINT
  - Target Website
  - Professional Associations
  - SEC filings and Bloomberg
  - Public Records
  - Social Media
- Pivoting to/from the People OSINT
Hour 6: Business OSINT Lab
- Part 1 (15 min): Collect OSINT on your business
- Part 2 (45 min): Collect OSINT on the business assigned to you by the instructor
Hours 7-8: Team OSINT CTF
- In groups, obtain a new target (different than lab targets) and collect the flags from the instructor
- Gather Flags to win a prize (1st, 2nd, and 3rd place teams)
Malware Traffic Analysis [Sold Out]
9:00 AM till 6:00 PM
Instructor: Brad Duncan
This training is a one-day workshop that provides a foundation for investigating packet captures (pcaps) of malicious network traffic. The workshop begins with basic investigation concepts, setting up Wireshark, and identifying hosts or users in network traffic. Participants then learn characteristics of malware infections and other suspicious network traffic. The workshop covers techniques to determine the root cause of an infection and to determine false positive alerts. This training concludes with an evaluation designed to give participants experience in writing an incident report.
Requirements:
Participants require a laptop, preferably running a non-Windows OS (a Windows laptop using a virtual machine running Linux will work). Participants also require a recent version of Wireshark (version 2.6.x or later) and an Internet connection to download pcaps used for this training.
Training outline:
I. Introduction and setting up Wireshark
II. Identifying hosts and users
III. Non-malicious activity
IV. Windows malware infections
V. Bad web traffic and policy violations
VI. Researching indicators & false positives
VII. Writing incident reports
VIII. Evaluation
Trainer biography:
Brad Duncan is currently a Threat Intelligence Analyst for Palo Alto Networks Unit 42. He specializes in network traffic analysis of malware infections. Brad is also a handler for the Internet Storm Center (ISC) and has posted more than 140 diaries at isc.sans.edu. He routinely blogs technical details and analysis of infection traffic at www.malware-traffic-analysis.net, where he provides traffic analysis exercises and over 1,600 malware and pcap samples to a growing community of information security professionals.