antisy_training - Network

Ready for more Linux amazingness with @hal_pomeranz ? Then join us for this week's Anti-Cast, "XFS Forensics with xfs_db,"...

Ready for more Linux amazingness with @hal_pomeranz ? Then join us for this week's Anti-Cast, "XFS Forensics with xfs_db," Aug. 16 at 12 p.m. EDT! Register here: https://blackhillsinfosec.zoom.us/webinar/register/WN_fCna_N-QRSCOHNT-eqHRww
PreShow Banter™ at 11:30 a.m. EDT.

Despite being a common Linux file system, forensic support for XFS is still largely lacking. In this session, Hal will describe how to turn the humble xfs_db tool into a useful forensic application for examining XFS file system internals and finding critical evidence. Attackers aren’t the only ones who can “live off the land”!

Chat with your fellow attendees in the Antisyphon Discord server here: https://discord.gg/antisyphon -- in the #webcasts-livestreams channel

Join @hal_pomeranz and the Antisyphon Team this Wednesday at 12 p.m. EDT for our next Anti-Cast, "Forensicating Linux LD_PRELOAD...

Join @hal_pomeranz and the Antisyphon Team this Wednesday at 12 p.m. EDT for our next Anti-Cast, "Forensicating Linux LD_PRELOAD Rootkits"!
Tune in at 11:30 a.m. EDT for PreShow Banter™. Register here: https://zoom.us/webinar/register/WN_T43NCXR2Sg2jDmVpxUZXgw

Widespread availability of PoC Linux LD_PRELOAD rootkits means that even trivial cryptomining attacks are starting to deploy them. This talk demonstrates a simple LD_PRELOAD rootkit and techniques for detecting them in a live response scenario and by memory analysis. Get the jump on your adversaries with this fast-paced, practical introduction.

Chat with your fellow attendees in the Antisyphon Discord server here: https://discord.gg/antisyphon -- in the #webcasts-livestreams channel

Remember people, no matter who you are and what you do to live, thrive, and survive, everybody... everybodyyy... needs some... Blue Team in...

Remember people, no matter who you are and what you do to live, thrive, and survive, everybody... everybodyyy... needs some... Blue Team in their life! Join us on Aug. 23 as we get the band back together for our Antisyphon Blue Team Summit 2023, where we'll have talks, CTF, and post-summit training on Aug. 24-25.
We'll see you there... Don't forget your shades and favorite Blues songs. 🕶️ 🎵
Event info and registration: https://www.antisyphontraining.com/training/blue-team/2023/06/blue-team-summit-coming-in-august-2023/

Join us for an Anti-Cast this Wednesday with the Linux master himself, @hal_pomeranz ! Webcast starts at 12 p.m. ET, PreShow Banter™ at...

Join us for an Anti-Cast this Wednesday with the Linux master himself, @hal_pomeranz ! Webcast starts at 12 p.m. ET, PreShow Banter™ at 11:30 a.m. ET. Register here: https://zoom.us/webinar/register/WN_1OQ0y_kMRPydr6ECFizHjg
If you’ve been using the Linux command line for a long time, you may have missed out on some sweet new features of common commands that can make your life much better. Join Sensei Hal as we break down some practical examples and demonstrate some useful new functionality.

Chat with your fellow attendees in the Antisyphon Discord server here: https://discord.gg/antisyphon -- in the #webcasts-livestreams channel

Check out Hal's class, "Linux Command Line for Analysts & Operators," that he will be teaching live, in-person at @WWHackinFest - Deadwood 2023. → https://wildwesthackinfest.com/conference/pre-conference-training/

New to Azure pentesting and feel like you could use a little guidance? Then be sure to check this past Black Hills Information Security...

New to Azure pentesting and feel like you could use a little guidance? Then be sure to check this past Black Hills Information Security webcast, "Getting Started in Pentesting The Cloud–Azure," with @dafthack!
Watch the webcast here: https://www.youtube.com/watch?v=u_3cV0pzptY
Register for "Breaching the Cloud" with Beau June 27-30: https://cvent.me/VKRn0e?RefId=BHIS203_MD

Webcast published 6/2/21

For the next run of "Foundational Data Protection Training" with Bill McCauley, from @secureideas June 13-14, we're excited...

For the next run of "Foundational Data Protection Training" with Bill McCauley, from @secureideas June 13-14, we're excited to be donating 10% of class revenue to @hak4kidz !

Help support this project: https://hak4kidz.com

Class details & registration: https://cvent.me/m9LDwa?RefId=10_MD

Alright, folks, what was your answer to this PCI question? Here's Nathan Sweaney's answer! ↓The Report on Compliance (ROC) is...

Alright, folks, what was your answer to this PCI question? Here's Nathan Sweaney's answer! ↓
The Report on Compliance (ROC) is filled out and signed by a QSA who validates the organization's PCI compliance. It is usually only required for Level 1 merchants, and occasionally some smaller merchants, and must be submitted to the merchant's acquiring bank. The Attestation of Compliance (AOC) is a similar document used by smaller merchants that can be used to summarize the status of the Self Assessment Questionnaire (SAQ). It is usually not signed by a QSA or required to be submitted.

Join Nathan on June 6, 12-4 p.m. ET, for his Pay-What-You-Can class, "PCI 101"! Register here: https://cvent.me/KnXMoB?RefId=Q%3F_MD

Check out this past Black Hills Information Security webcast, "The SOC Age Or, A Young SOC Analyst's Illustrated Primer" w/...

Check out this past Black Hills Information Security webcast, "The SOC Age Or, A Young SOC Analyst's Illustrated Primer" w/ @strandjs . https://www.youtube.com/watch?v=Lhol4rZo_ts
Join John for "SOC Core Skills" June 12-15. Come for the learning, stay for the rants and John's face memes! Register: https://cvent.me/LnDK7E?RefId=BHIS154_MD

In the PCI context, what's the difference between a ROC and an AOC? Tell us what you think!Learn the answer to this question and more in...

In the PCI context, what's the difference between a ROC and an AOC? Tell us what you think!
Learn the answer to this question and more in Nathan Sweaney's upcoming Pay-What-You-Can class, “PCI 101,” on June 6! Details and registration: https://cvent.me/KnXMoB?RefId=Q%3F_MD

Don't forget our Black Hills Information/Antisyphon Training webcast today 1 p.m. ET! Still time to register:...

Don't forget our Black Hills Information/Antisyphon Training webcast today 1 p.m. ET! Still time to register: https://zoom.us/webinar/register/WN_d-GI7v7bQriRu_O-mi7kcg#/registration
Join in at 12:30 p.m. ET for PreShow Banter™
Join @yoda June 13-16 for his class, “Introduction to Python.” Details and reg here: https://cvent.me/4brYMg?RefId=WB525_MD

Here's a past livestream with Chris Brenton where he shows how to go through PCAP files with Zeek....

Here's a past livestream with Chris Brenton where he shows how to go through PCAP files with Zeek. https://www.youtube.com/watch?v=Jd80NfBVAcU

Join Chris June 6-9 for his Pay-What-You-Can class, "Getting Started in Packet Decoding"! Details and registration here: https://cvent.me/D0Dlmg?RefId=ANTI009_MD

In your opinion, what's the most difficult part of pentest reporting?Be sure to join BB King for his PWYC class, "Reporting for...

In your opinion, what's the most difficult part of pentest reporting?
Be sure to join BB King for his PWYC class, "Reporting for Pentesters," on June 7! Details & registration here: https://cvent.me/Onr3Og?RefId=P%3F_MD

Giving clear remediation advice
Writing so business leaders AND technical people can understand
Summarizing the whole effort briefly and accurately.
Describing things at the right level of detail

Antisyphon Training & Black Hills Information Security are collaborating on a webinar! 🎉💻Hey folks! 👋🔓 Exploit-db contains...

Antisyphon Training & Black Hills Information Security are collaborating on a webinar! 🎉💻

Hey folks! 👋

🔓 Exploit-db contains many different forms of software vulnerability exploits.

🔍 These various software exploits are documented as anything from simple command line entities through proof of concept (POC) scripts written in languages like C, C++, C#, Ruby, Python, and UNIX shell scripts.

🎥 In this webcast, @yoda will break down the Python language components of an exploit documented in CVE-2019-13577, targeting the Maple Computer WBT SNMP Administrator version 2.0.195.15. 🐍💥

Thursday, May 25th - 1:00 PM ET

Register: https://zoom.us/webinar/register/WN_d-GI7v7bQriRu_O-mi7kcg#/registration

He will discuss the required Python language components, modules, and porting of the exploit from Python2 to Python3.

If none of that made any sense to you, then this might be the perfect webcast to start learning these things.

Joff is also teaching another run of his "Introduction to Python" course in June! Find out more & register here: https://cvent.me/4brYMg?RefId=WB525_MD

Chat with your fellow attendees in the Antisyphon Discord server ➡️: https://discord.com/invite/antisyphon

Show up early for the pre-show!

John Strand & Joff Thyer -

Part 2 of BB's webcast, "Professional Pentest Reporting - A Model for Clear Communication," is up!...

Part 2 of BB's webcast, "Professional Pentest Reporting - A Model for Clear Communication," is up! https://www.youtube.com/watch?v=Uu3pardnHiI
Register for BB's Pay-What-You-Can class, "Reporting for Pentesters," on June 7, 12-4 p.m. ET. → https://cvent.me/R1LDnW?RefId=P2-128_MD

Happy Thursday, everyone! Here are next week's courses. Hope to see you there!• "Introduction to Industrial Control Systems"...

Happy Thursday, everyone! Here are next week's courses. Hope to see you there!
• "Introduction to Industrial Control Systems" | Ashley Van Hoesen | May 23-26, 2023 | Registration: https://cvent.me/m97OqD?RefId=NWC_MD

From Brian King's (BB) words, "I’ve never once been paid for a pentest. I get paid for the report."And if you love to hate...

From Brian King's (BB) words, "I’ve never once been paid for a pentest. I get paid for the report."

And if you love to hate reporting, than BB has the techniques and tools you need to make reporting a little easier! Check out part 1 from this @bhinfosecurity webcast, "Professional Pentest Reporting - A Model for Clear Communication." https://www.youtube.com/watch?v=rM-MVSe4MiA

Don't miss your chance to learn live, online with BB during the upcoming run of his Pay-What-You-Can class, "Reporting for Pentesters," on June 7! → https://cvent.me/o9vy0L?RefId=P1-128_MD

Another run of "Professionally Evil Network Testing (PENT)" with Eric Kuehn, from @secureideas, is coming up Aug. 14-18!...

Another run of "Professionally Evil Network Testing (PENT)" with Eric Kuehn, from @secureideas, is coming up Aug. 14-18! https://cvent.me/2xP10E?RefId=IP_MD

This hands-on course will teach students a basic methodology for network penetration testing and an introduction to the processes used. Students will walk through the phases of Reconnaissance, Mapping, Discovery, Exploitation, and Post-Exploitation with demonstrations of various tools and tactics used in each phase.

Key Takeaways
• Gain a familiarity with the network penetration testing process
• Understand non-technical concepts such as client communications, scoping, documentation, and reporting
• Learn technical concepts such as mapping the network to discover vulnerabilities and how to exploit them
• Learn how to use common and applicable tools in a controlled environment

📢 Have you heard about our upcoming "Introduction to Industrial Control Systems" course with Ashley Van Hoesen?It's running...

📢 Have you heard about our upcoming "Introduction to Industrial Control Systems" course with Ashley Van Hoesen?

It's running from May 23-26, and we're thrilled to announce that we're donating 10% of the class revenue to Open PLC! 🤝

Open PLC is a Programmable Logic Controller (PLC) that is based on an easy to use software. It is the first fully functional standardized open source PLC, both in software and in hardware.

We're honored to be able to support Open PLC through our upcoming course, and we hope that you'll consider joining us!

Help us support the project ➡ https://lnkd.in/eAsFNshd

Sign up for our "Introduction to Industrial Control Systems" course today. 👉 https://lnkd.in/eTBwa37Y

🔎 Did you catch our post on Monday about the upcoming courses running next? If you missed it, don't worry – there's still time...

🔎 Did you catch our post on Monday about the upcoming courses running next? If you missed it, don't worry – there's still time to register! ⏰

We're excited to offer a variety of courses next week, one of those is Enterprise Forensics and Response with Gerard Johansen. This course is ideal for those who want to learn how to investigate and respond to security incidents in large-scale environments.

👩‍💻🔒💻 With practical exercises and case studies, you'll develop the skills and knowledge needed to identify and contain security breaches, collect and analyze digital evidence, and report findings to stakeholders. 📚💻🔎

Register now and join us next week! https://lnkd.in/efixC72g

Happy Monday, folks! Here are next week's courses. Still time to register! https://www.antisyphontraining.com/training-calendar/•...

Happy Monday, folks! Here are next week's courses. Still time to register! https://www.antisyphontraining.com/training-calendar/

• "Enterprise Forensics and Response" I Gerard Johansen | May 16-19 | Registration: https://cvent.me/XVONA9

• "OWASP TOP 10" | Kevin Johnson | May 15-17 | On-Demand available | Registration: https://cvent.me/kXB9dY

• "Security Leadership and Management" | Chris Brenton | May 16-19 | On-Demand available | Registration: https://cvent.me/40mYGP