Hacking with Huntress

Greg Ake, the former co-founder of Level Effect and current Senior Threat Researcher at Huntress, will be leading the hands-on training Hacking with Huntress - Windows Triage and Fileless Malware.

Windows Triage can be a daunting task for the uninitiated, but it doesn't have to be! Join us in learning the foundations of the Windows OS, how to do triage for suspicious processes and activity on the host and how to tackle static and dynamic binary analysis. 

​​This will be a hands-on workshop where attendees will gain access to a provisioned VM to follow along with live instruction.  You will learn how malicious process activities manifest on Windows, as well as how to spot this activity like the pros, all while learning how to utilize popular open source forensics tools.  This knowledge will be directly transferable to your environment, allowing you to triage unknown binaries you may find in the wild.

About the Instructor:

Greg has seventeen years of Cyber Security experience, fifteen years being within the U.S. Air Force, National Security Agency (NSA) and as a defense contractor conducting Signals Intelligence (SIGINT) and Computer Network Operations (CNO).  He has led diverse technical teams in support of intelligence collection, advanced analytics, network exploitation, persona/device profiling, technical research, and intelligence driven tactical operations. He is the lead Threat Researcher on Process Insights, Huntress’ process monitoring capability that is scheduled to be released Q1 of 2022.

Target Audience:

Attendees should have some familiarity of the Windows Operating System, applications, processes, and networking concepts. 

Tools Covered:

• Sysinternals Suite
• Wireshark
• PE Studio

Covered topics include:

• How to identify persistence mechanisms.
• How to identify malicious process activity.
• How to identify malicious network activity.

Time Commitment: 

2 Hours for training/Q&A