ShowSegments

From Security Weekly Wiki
Jump to navigationJump to search

Guidelines

  • Virtual training sessions are 60 minutes long and include a deep-dive and how-to on a specific topic.
  • Topics can be covered as a technical segment (15-30 minute how-to guide on how to accomplish something that will help people learn and apply skills).
  • Topics could also be an interview with the author of the tool or someone who is considered an SME (subject matter expert) in that area.
  • These are higher-level suggestions, choose a project/tool/technique in the area described (or a different tool that does the same thing), and present on it for 30 minutes.
  • If you work for a security vendor, please see our appearance guidelines.
  • Please send email to psw -at- securityweekly -dot- com if you are interested in covering a topic!
  • Segments indicated in green have been completed, all other topics are open!

Topics

Virtual Training Topics Docker Deployments, Security and You Reverse Engineering Malware Penetration Testing The Cloud Penetration Testing Tactics and Techniques That Actually Work Making The Most Out Of Open-Source Threat Intelligence OSINT For Fun and Profit Wireless (In)Security Forensic Investigations For The Rest Of Us Kali Linux Not-So-Secrets How To Test Your Environment Against The Mitre Att&ck Framework Bypassing Endpoint Protection(s)
Virtual Training Topics Web App Scanning in DevOps Processes Breach and Attack Simulation Securing & Protecting Applications in AWS Building Effective Security Programs: Compliance, Process and Procedures Embedded and IoT Hacking Tips & Tricks How To Threat Model For Better Security How To Build an Incident Response Program with Practically No Budget Hack The Human: Social Engineering Tactics For Your Next Pen Test Building An Open-Source SIEM Threat Hunting By Living Off The Land Hardware Hacking 101
Show Segments Or Webcasts Panel: Nation-State Hacking Panel: Threat Intel Sources That Actually Work Panel: The Future Of Infosec Careers Panel: The State Of Exploit Markets Panel: History of Hacking/Malware/Security Vendor Demo Days 1 Vendor Demo Days 2 Vendor Demo Days 3 Breaking News or Research 1 Breaking News or Research 2 Breaking News or Research 3
PSW Tech Segments Building Secure-By-Default Containers Storing Secrets In A Vault With Docker Scraping The Web With Python Flan Scan - Lightweight Vulnerability Management Using NMAP Tracking Security News and Research Open-Source Attack Surface Management Linux Privilege Escalation Through Containers Windows Local Privilege Escalation Example Cool C2 Channels By Example Bypassing 2FA Software Defined Radio
PSW Tech Segments Bloodhound (For Attack and Defense) Metasploit Threat Hunting (JA3, RITA) RFID Hacking YARA Encrypting Linux Volumes MS Office Macro Payload(s) Evilgrade Scapy Nmap OSQuery
PSW Tech Segments (Red Team Tools) https://www.blackhillsinfosec.com/powershell-without-powershell-how-to-bypass-application-whitelisting-environment-restrictions-av/ https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/ https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/ https://byt3bl33d3r.github.io/automating-the-empire-with-the-death-star-getting-domain-admin-with-a-push-of-a-button.html https://github.com/SpiderLabs/Responder https://github.com/ustayready/CredKing https://github.com/ustayready/fireprox https://github.com/graniet/chromebackdoor https://github.com/DakotaNelson/sneaky-creeper https://github.com/laramies/theHarvester https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
ESW Tech Segments Securing O365 Runtime Application Protection Vulnerability Management Identity Management Evaluating Endpoint Security Microsoft ATP (Advanced Threat Protection) Log Analysis for IoCs Threat Intelligence Powershell For Enterprise Defenders (DeepBlueCLI) AWS Security Services Analyzing Email Phishing Campaigns
ESW Tech Segments The Security Onion Tools For Dealing with CVE Data MITRE Att&ck Matrix Up and Running On Elk The Security Awareness Program Cheat Sheet Recommending The Best Secrets Manager Group Policies For Security That Work Amazon Elastic Beanstalk for Security Testing Nagios (Or Alternatives) GuardiCore, Infection Monkey Cuckoo Sandbox
ESW or PSW Tech Segments https://github.com/JPCERTCC/LogonTracer https://github.com/draios/sysdig-inspect/blob/dev/README.md https://github.com/CredDefense/CredDefense https://www.misp-project.org/ https://thehive-project.org/ https://github.com/volatilityfoundation/volatility https://www.saltstack.com/resources/community/ https://www.npmjs.com/package/renovate https://github.com/byt3bl33d3r/CrackMapExec https://github.com/draios/sysdig-inspect/blob/dev/README.md https://www.misp-project.org/
ESW or PSW Tech Segments https://github.com/meirwah/awesome-incident-response Web App Pentesting Tools Python Tips and Techniques for Pen Testers https://github.com/dafthack/DomainPasswordSpray https://github.com/sandboxie/sandboxie