ExtremePaperClip

Digital Forensics Nerd, Linux Geek, InfoSec Dork, Lifelong Student of Everything, Amateur History Buff... Loads of Fun.

The speaker's profile picture

URL to your Twitter profile?

https://twitter.com/extremepaperc


Sessions

08-12
14:00
60min
Obsidian Forensics: The Importance of Sysmon for Investigations
ExtremePaperClip

In this video we will discuss Sysmon -- what it is, how to get it, the configuration file, the events it logs, and why it's so valuable to forensic investigations.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Project Obsidian: Track 0x41 (In-person)
08-12
13:00
60min
Obsidian Forensics: KillChain1 - Adventures in Splunk and Security Onion
Omenscan, Wes Lambert, ExtremePaperClip

A Live Forensics Walkthrough of Obsidian Kill Chain 1 (KC1) forensics analysis using Splunk and Security Onion

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Main Stage (In-person)
08-13
10:30
60min
Obsidian Forensics: KillChain3 - Continued Adventures in Splunk and Security Onion
Omenscan, Wes Lambert, ExtremePaperClip

A Live Forensics Walkthrough of Obsidian Kill Chain 3 (KC3) forensics analysis using Splunk and Security Onion

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Main Stage (In-person)
08-13
14:00
60min
Obsidian CTH: The Logs are Gone?
ExtremePaperClip

What happens when an attacker clears the logs in an effort to hide their tracks? Here we will dive into that question, build a Threat Hunting hypothesis, develop some ways to detect this activity, and document the process.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Project Obsidian: Track 0x42 (In-person)