Most pentesters have little knowledge regarding the residual trace data left behind by their activities. Likewise, most forensic investigators have only a rudimentary knowledge of how the attacks they investigate actually took place. What if you could see things from both sides? What if you could see both the attack as it happened, as well as the indicators of compromise (IOCs) left behind by the breach? Well, now you can. In Hack it, and Track it, experts from Trustwave SpiderLabs Network Penetration Testing team, and PSC’s Digital Forensics and Incident Response team will provide you with the opportunity to both compromise a target and forensically investigate that breach. You will use cutting edge tools and techniques from both disciplines which will undoubtedly help make you either a better penetration tester, or a better forensic investigator. Through the use of virtual machines, you will be led through three different real world scenarios typically seen by the experts at SpiderLabs. In each scenario, you will have to use your skills to compromise a host, and extract target data. Then, you will utilize the IOCs and trace evidence left behind by your activities to “tell the story” of what took place and how. This is the one of kind class and not to be missed! It will open up the eyes and minds of even the most seasoned pentesters or forensics investigators to a world of knowledge they likely no very little about. Do not miss your opportunity to Hack it, and Track it!
Pentesters and Forensic Investigators (Incident Responders)
Moderate knowledge of EITHER network pentesting or digital forensics.
• A laptop with enough memory to properly play virutal machine.
• VMware player
• Virutal Machine for Pentesting
• Virtual Machine for Investigating
• Tools DVD
• Trustwave Bag O Goodies
• Student Manual
Lead Security Consultant
PSC Forensics and Incident Response
Grayson Lenik is a Lead Security Consultant at for PSC. He was worked more than 150 Incident Response cases and has over 15 years of system administration and information security experience including six years with American Express/IBM Global Services at one of the largest data centers in the world. He is a Navy Veteran and was forward deployed on board the USS Kitty Hawk and USS Independence during “Operation Southern Watch.” Grayson has performed research on file system timeline artifacts and timestamp modification and has presented at a number of conferences including DEFCON, SECTOR, and ECSAP. He has trained multiple trained multiple local, State and Federal Law Enforcement agencies. Grayson authors the computer forensics blog “An Eye on Forensics.”
SpiderLabs Network Pentesting
Ryan Linn is a Senior Consultant with Trustwave's SpiderLabs -the advanced security team focused on penetration testing, incident response, and application security. Ryan is a penetration tester, an author, a developer,and an educator. He comes from a systems administration and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit and BeEF, the Browser Exploitation Framework.