WWHF @ Mile High 2025

In this talk I will cover how you can enrich BloodHound with different fields and edges to expose previously unidentified attack paths. By combining multiple open source tools, it is possible to track password sharing relationships across separate accounts, and even across different Active Directory forests.

This talk explores the dynamic potential of PowerShell for Linux in the realms of penetration testing and red teaming. Delving into its capabilities, attendees will discover how this versatile tool enhances offensive security strategies. Intended for cybersecurity professionals and enthusiasts seeking to leverage PowerShell's prowess within Linux environments, the session promises insights and practical guidance for optimizing offensive tactics.

Participating in Capture The Flag (CTF) competitions is always a thrilling experience, but this time, I had a secret weapon up my sleeve: AI. From cracking codes to navigating complex cyber challenges, AI became my go-to sidekick. Here's how I teamed up with AI to tackle CTF puzzles and what I learned on this wild ride.

At DEFCON 32, my team taught over 160 people the limitations of manual code review to solve secrets sprawl. We did not use new tech, we did not use computers or anything that needed electricity. We used paper cards. What we learned along the way was eye opening and changed the way I think about security.  This talk is a quick recap of the surprising findings we unexpectedly gathered and the power of getting away from the keyboard.  I will reveal my new theory on driving better conversations across teams and roles to actually try and improve security and not just show how clever we are.

Between Python version mismatches, virtual environments, and containers, getting even popular software to work on every operating system and setup is more cumbersome than it should be. Hackers should be fighting vulnerabilities, not their own tooling. Nix has solved this for me and I need to share it with people.  It takes "it works on my machine" to a whole new level. Nix suffers from an inordinate degree of mystery that turns a lot of people away from it, but those of us who have pushed through the haze have come to appreciate just how brilliant Nix is. But it doesn't have to be complicated, and I'll be demonstrating that.  

Within and without NixOS, the Nix package management system alone offers hackers the ability to (at a minimum):
- Effortlessly install packages not available in their default repositories
- Replicate system setups for any machine or server with a single file
- Only activate virtual environments and access specific dependencies based on isolated environments or even just entering system directories

This is all done without technologies like Ansible or Docker, making even the base system dependency overhead much smaller.

Since this talk involves creating environments that help users deal with dependency management, tool installation, and system deployment, I'll be demonstrating all of those things. For example, we will:
1. Build a working Python virtual environment, handle all the dependencies, and successfully run highly opinionated tooling (impacket) alongside other highly opinionated tooling (CrackMapExec) using an ".envrc" file of our making.
2. Demonstrate native containerization via systemd-nspawn for keeping hacking tools isolated from the main system.
3. Deploying my favorite tools to a brand new virtual private server to starting hacking from it in seconds.

Much of these capabilities will be available as script and file templates via a Github repo I'll make public alongside the talk.

I would like for this conversation to be an in depth deep dive into both Nmap and other open source reconnaissance tools. A lot of times peers leave it at the very bare minimum and use the same script everytime they run these open source tools due to the fact they use them so often. These are tools that everyone has access to but they only use about 5% of the tool itself. I have worked with specific Open Source tools to learn every little thing there is to know especially the ones needed for every engagement and would love the opportunity to showcase these different arguments that a lot may not have knowledge of until shown like I was.

This presentation will consist of thorough research on narcotics, narcoterrorism and the fentanyl epidemic are a new cyber crime issue. In my presentation I will speak about how OSINT can be used to combat illicit narcotic transactions , narcoterrorism and uncover valuable information from OSINT on the dark web.

 In this workshop, you’ll get an overview of Kerberos based on a section straight from Red Siege’s Offense for Defense (O4D) course. We’ll cover what Kerberos is, and how to attack it. You’d work through a hands on lab exercise involving Kerberoasting (Tim’s baby) and a silver ticket attack.

Requirements: Just a laptop with a browser