BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Sold Out - Flipping the Coin: Red and Blue Teaming i
 n Windows\n   Environments (++)\n   When: Thursday\, Aug 8\, 14:00 - 17:59
  PDT\n   Where: Springhill Suites/Dean Martin - [1]Map\n\n   Description:\
 n\n   Red and blue are two sides of the same coin. Offensive and defensive
 \n   teams deliver the best results when working together\; sharing\n   kn
 owledge\, ideas\, and understanding with each other. And a core part\n   o
 f this information exchange is understanding each respective\n   perspecti
 ve. This is the overarching theme of the workshop\; attackers\n   thinking
  like defenders\, and defenders thinking like attackers.\n\n   This worksh
 op is the second version of Flipping the Coin and features\n   upgraded at
 tack paths\, and lab environments.\n\n   By the end of the workshop\, atte
 ndees will:\n\n     1. \n\n       Understand and perform common offensive 
 attacks (supported by the\n       Metasploit Framework) against Windows Do
 mains\, including:\n\n         * Pass the Hash attacks\;\n\n         * gMS
 A Golden Attack\;\n\n         * ADCS abuse\;\n\n         * Common tunnelli
 ng techniques\;\n\n         * PrintSpoofer exploits\;\n\n         * LSASS 
 exploitation (using Mimikatz)\;\n\n         * AD enumeration (using BloodH
 ound)\;\n\n         * DACL abuse\;\n\n         * Kerberos golden tickets\;
  and\n\n         * DLL hijacking.\n\n     2. \n\n       Understand the pro
 cess of detecting attacks against Windows\n       infrastructure\, includi
 ng how to design and implement their own\n       detection rules based on 
 attendees’ previous attacks\, using:\n\n         * Sigma/Yara rules.\n\n
          * Log ingestion/normalisation platforms\, and query engines (e.g.
 \n           ELK).\n\n     3. \n\n       Understand and appreciate how the
  actions and processes of red and\n       blue teams are interlinked\, for
  the greater collective good.\n\n   Recommended (but not required) prior r
 eading: -\n   https://nooblinux.com/metasploit-tutorial/ -\n   https://pos
 ts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-
 for-everyone-39cfd8d6eb7c\n   -\n   https://learn.microsoft.com/en-us/wind
 ows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-s
 ervices-overview\n   - https://socprime.com/blog/sigma-rules-the-beginners
 -guide/ -\n   https://github.com/socprime/SigmaUI -\n   https://blog.netwr
 ix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\n   - https://posts
 .specterops.io/certified-pre-owned-d95910965cd2 -\n   https://www.elastic.
 co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.
 html\n\n   Much of the material and core concepts of the workshop remain t
 he same\n   from the DEF CON 31 workshop with some updated topics for DEF 
 CON 32\,\n   including an updated environment\, and gMSA attacks within th
 e lab.\n\n   Speakers:Angus Strom\,Troy Defty\n\n   SpeakerBio:  Angus Str
 om\, Senior Security Engineer\n\n   Angus (0x10f2c_) is currently a Senior
  Security Engineer working at a\n   tech company. He obtained a love for a
 ll things computers by\n   scavenging computer parts from local garbage pi
 ckups as a kid\, and\n   then trying to make them work together without bl
 owing up. Angus\n   eventually realised that a career could be made out of
  his skills\n   hacking together poorly written LUA code in Garry’s mod\
 , and\n   finished a Bachelors in Network Security. In his professional ca
 reer\n   Angus has 5+ years working in Security Consulting\, working acros
 s many\n   industries and gaining many shells. More recently Angus has mad
 e the\n   move to a security engineer focused role. When not hacking he lo
 ves to\n   ski on the little snow that Australia has\, and loves to paint 
 small\n   miniatures while listening to Drone Metal.\n\n   SpeakerBio:  Tr
 oy Defty\, Security Engineering Manager\n\n   Following over a decade in t
 he UK and Australian InfoSec industries\,\n   including an 8-and-a-half ye
 ar stint in red teaming\, Troy jumped the\n   proverbial fence from red to
  blue\, and is currently a Security\n   Engineering Manager at a tech comp
 any. His interest and experience is\n   in detection engineering\, red tea
 ming\, threat modelling\, hardware\, and\n   assessing ICS environments. O
 ther interests include music\,\n   electronics\, the outdoors\, travel\, r
 ugby\, CTF\, and making\n   piano-related noise.\n\n   '\n\n   1. #Springh
 ill_Full\n\n\n
DTEND:20240809T005900Z
DTSTART:20240808T210000Z
LOCATION:WS - Springhill Suites/Dean Martin
SUMMARY:Sold Out - Flipping the Coin: Red and Blue Teaming in Windows Envir
 onments (++)
END:VEVENT
END:VCALENDAR