Black Hat Trainings (Vegas) questions
I might have a chance to attend Black Hat USA in Las Vegas this year for the first time, and just had a few questions that I'm also researching on my own.
1. Do most people who attend gravitate to the 4-day trainings as opposed to the 2-day ones?
2. Any quick recommendations or suggestions? I know that's a huge topic, especially when you know nothing about me. I do both offense and defense in my day jobs, and I could probably pick up most any course that doesn't dive hard into C programming or assembly or Windows API types of stuff. (For reference, I took SEC542 a few weeks ago and FOR408 from SANS last year.) It is outside my normal wheelhouse, but doing social engineering or gettings some hands-on with physical entry could be fun. Physical entry seems to be one that I have a hard time learning just on my own.
I'll also be looking at the instructors and if these courses/material are also offered elsewhere for far cheaper than the BHUSA price tag.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
Comments
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Last two years I have taken Dark Side Ops: Custom Penetration Testing and SpecterOps Red Team Adversary Tactics. Both courses were 4 days, but this year I am taking Pentester Academy's Active Directory Attacks and Defense for Red and Blue Teams, which is a two day course.
4 day courses are only slightly more expensive, they obviously cover more material, and you spend more time building relationships with your class mates and instructors. It really comes down to the class and the material you want to cover. In reality, whatever course you take, you will probably spend months going over and analyzing the course work again (or at least you should be).
Another tip or idea is to stay the entire week, attend Defcon and Bsides vegas. Purchase your defcon ticket when you buy your blackhat training, it is only $300 this year, Bsides is free. Defcon and Bsides provide free training courses as well, you just have to sign up when they release the sign ups (check twitter).
As for which BlackHat courses to take? well there are many good ones. I will list a few I like.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
chrisone Member Posts: 2,278 ■■■■■■■■■□Disclaimer
These are based off my own interest, any courses not mentioned are purely based off my own ignorance of the subject or instructor and in no way am I claiming any course or instructor better than any other.
2 Day CoursesActive Directory Attacks for Red and Blue Teams - Advanced EditionPresenter: pentester academyPresenter: notsosecurePresenter: coalfire systemsPresenter: pentester academyPresenter: joe fitzpatrick & the securinghardware.com teamPresenter: joe fitzpatrick & the securinghardware.com teamPresenter: craig young, tripwire vertPresenter: notsosecurePresenter: notsosecurePresenter: notsosecurePresenter: sensepostPresenter: silent break securityPresenter: silent break securityPresenter: sensepostEnterprise Infrastructure Hacking - Journeyman LevelPresenter: sam bownePresenter: flare team of fireeye, incPresenter: michael ossmann, great scott gadgetsPresenter: paul clarkPresenter: sk3wl 0f r00tPresenter: mdsecPresenter: paul kalinin, ygor da rocha parreiraPresenter: mdsec consulting limited (marcus pinto)Presenter: silent robot systemsCerts: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
chrisone Member Posts: 2,278 ■■■■■■■■■□Disclaimer
These are based off my own interest, any courses not mentioned are purely based off my own ignorance of the subject or instructor and in no way am I claiming any course or instructor better than any other.
4 Day Courses:Presenter: egypt & mubixPresenter: monnappa & sajan shettyPresenter: notsosecurePresenter: flare team of fireeye, incPresenter: specteropsPresenter: specteropsPresenter: trustedsecPresenter: sensepostPresenter: flare team of fireeye, inc.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
JDMurray Admin Posts: 13,099 Adminchrisone said:Purchase your defcon ticket when you buy your blackhat training, it is only $300 this year, Bsides is free.
-
chrisone Member Posts: 2,278 ■■■■■■■■■□ah ok, I stand corrected on bsides, id pay to get in for sure....
As for DC27 I got charged $300 when I bought the blackhat training course.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
tedjames Member Posts: 1,182 ■■■■■■■■□□JDMurray said:chrisone said:Purchase your defcon ticket when you buy your blackhat training, it is only $300 this year, Bsides is free.
-
JDMurray Admin Posts: 13,099 AdminYes, April is when they'll start checking in their regular volunteers too. This will be my sixth year volunteering at BSidesLV. Always a lot of fun.
-
LonerVamp Member Posts: 518 ■■■■■■■■□□Good to know, thank you! I've been to Defcon, but obviously not having been to BH I didn't even think about the joint purchase.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
JDMurray Admin Posts: 13,099 AdminDC27 is at Paris/Ballys/Planet Hollywood, which is down the street (E Flamingo Road) from BSidesLV at the Tuscany Hotel & Casino. There is a free shuttle service that runs between the two conventions for those of you that don't like walking the downtown Las Vegas streets in August.