Category: Training

Training Feature: Integrating Computer Forensics with Incident Response

Our everyday life depends on a stable and safe cyberspace. However, cybercrime threatens this arena and is one of the fastest growing areas of crime. Today almost every criminal, or civil, case has an element of electronic evidence.

However, protecting evidence of a crime takes different skill sets than performing an incident response. Understanding how to identify when an incident is now a potential litigation issue, and performing the proper methodology, is key to having the evidence admitted into court.

Join instructor, Gregory Bell, at his course as he will introduce you to computer forensics, both its fundamentals and the best practices for incident response. You will learn to understand the legal aspects of computer forensics, as well as its relationship to the Information Technology field. Hands-on projects will give you the tools and techniques you will use to perform a full computer forensic investigation.

For more information you can see the details here:

RV4sec 2015: Ticket Transfers & Cancellations

Did you know you can transfer an RVAsec ticket to a co-worker or friend directly in Eventbrite?

Log in to your account and go to My Tickets (you may need to create an account using the email address you registered).

Then you can view your Current Orders (select RVAsec), and “Edit details” for the ticket. Changing the “Contact Information” will update the name of the person registered to check in at the conference. You can also change the questions asked at registration, which will help us plan for parking, catering and other items.

Also, please note that no refunds for training or the conference will be issued after May 26th.

Training: Vendor Risk Management and Trust Analysis

We are pleased to announce that Pete Herzog will be joining us this year to teach a class!

Vendor Risk Management and Trust Analysis

Get a grip on the risk caused by your vendors, cloud, software providers, partners, and other third parties you need to work with. Manage it in an orderly way that doesn’t overwhelm you or become the paperwork that sucks the life out of your job. Master it so you can make sure the people in charge of those relationships can also help you manage the security of those 3rd parties. This provides you with the means and the toolkit you need to do it in a practical, responsible, and secure method.

Training classes are held on Thursday, June 3rd, before the conference.

For more information on the class and the instructor, or to register, please see:

Training: Hands-On Lock Picking (Last Time At RVAsec!)

We are pleased to announce that, back by popular demand, we will have Hands-On Lock Picking with Schuyler Towne!

This is the last time that this training class is expected to be offered at RVAsec.  If you have always wanted to take this class, now is the year to make it happen.

Get comfortable with basic lockpicks, open some security pinned locks (and possibly high security), and have an understanding of Pin Tumbler, Wafer and Disc Detainer locks.  Learn the baseline knowledge to plan your own facility security, and get a number of excellent references to help continue your study.

Training classes are held on Thursday, June 3rd, before the conference.

For more information on the class and the instructor, or to register, please see:

Training: Integrating Computer Forensics with Incident Response

We are pleased to announce that Gregory Bell will be joining us this year to teach a class!

Integrating Computer Forensics with Incident Response

Over the last decade, the number of crimes that involve computers has grown, spurring an increase in companies and products that aim to assist law enforcement in using computer-based evidence to determine the who, what, where, when, and how for crimes. As a result, computer and network forensics has evolved to assure proper presentation of computer crime evidentiary data into court.

This class will show attendees the basic phases of the forensic process and incident response considerations, how to better integrate Computer (Digital) Forensics into their current Incident Response plan and Information System life cycle, and the tools and skill sets used to support computer forensics.  For instance, when employees are terminated does Human Resource notify Information Security to preserve the terminated employee’s hard drive in the event litigation occurs at a later date?

Training classes are held on Thursday, June 3rd, before the conference.

For more information on the class and the instructor, or to register, please see:

Training: Hunting The White Whale – Offensive Application Pentesting

We are pleased to announce that Kizz MyAnthia will be joining us this year to teach a class!

Hunting The White Whale – Offensive Application Pentesting


This course will introduce the attendees to the concepts of Information Security, the security issues that plague all applications today, learn how to create an attack strategy, and execute against the problem. This course will encompass both common and easily exploitable vulnerabilities and the more advanced or custom exploits and techniques that attackers use in the real world. We will discuss what motivates an attacker, what the types of mindsets are, and what tools they will most likely use.

Training classes are held on Thursday, June 3rd, before the conference.

For more information on the class and the instructor, or to register, please see:

Message From Schuyler About Training!

Hey, RVASec! I’m Schuyler, physical security guy, lockpicker, researcher, etc. I’ve been very honored to run trainings at RVASec the past 2 years, and while I feel confident that I’ve been able to bring a lot of material and hands-on experience to folks who took my classes, this year I’m trying to take a big leap forward.

While we will still be covering the traditional skills of lockpicking, this year’s class will use lock forensics as a scaffolding for teaching those concepts. I’ll be bringing my DSLR Microscope setup where we can collectively inspect the evidence left behind by various methods of entry live to the projector. Each entry technique will be explained in depth, then carried out by every attendee on locks provided to them. Once the concept is understood and successfully executed, we’ll open one of the locks under the microscope to see the tool marks left behind.
examples (1)
Each student will be trained in how to properly handle, disassemble and inspect their locks using plastic tweezers, plastic pinning trays, proper logging, and high def microscopy. The conclusion of the class will involve each student leading the class through the inspection of a mystery lock that will have been given to them at the start of the course. They will mount the specimens for everyone to see, provide analysis of the markings, and give a determination of the method of entry. The answer will have been previously provided to them in a sealed envelope. Think of it as a geekier murder mystery party.
At the end of the course students will understand and have practical experience with several methods of entry, including percussive attacks, basic picking and raking, and impressioning of cylinders. They will also have a strong foundation in the principles of lock forensics, from how to handle the lock, to tool mark analysis, to reporting their findings. I’ve been preparing for this course for years, and I’m incredibly excited to bring it to RVASec. I hope to see you there!
Only a little time left to sign up for the class!

Training Spots Still Available! Registration Closes May 30th

Tickets for training classes are still available.  Help ensure that we are able to continue to provide low cost training by attending a class and spreading the word!

The Secrets of Security with the OSSTMM
Instructor: Pete Herzog
Cost: $250

Lock Picking & Lock Forensics
Instructor: Schuyler Towne
Cost: $250

Networking for Pentesters
Instructor: Rob Fuller
Cost: $199.95

Into the Worm Hole: Metasploit for Web PenTesting
Instructor: Kizz MyAnthia
Cost: $250

Register now!

How Bad-Ass is the “Secrets of Security” Workshop?

We asked Pete Herzog to tell us more about what people can expect at his OSSTMM class at RVAsec and he provided us a great response!

As humans, we like secrets as long as they don’t harm us for knowing them. We like knowing the dirt on people and the stories behind things. We like to know we’re right and they’re wrong and justifiably so. That’s what this workshop is about. It’s that feel-good, bad-ass workshop full of secrets, dirt, and indignation. Here’s why:

You may have been thrown by the word OSSTMM in the full title, “Secrets of Security with the OSSTMM.” Don’t worry. It’s not about the OSSTMM the way you might be wary that it’s about the OSSTMM. What this workshop won’t do is show you OSSTMM slides and tell you about it. Because that wouldn’t be bad-ass. It’s more about the bad-ass stuff not in the OSSTMM and why we can’t put it in.

For a moment, let me re-introduce you to ISECOM, our organization. Our mission is to make sense of security but how we do it is by not limiting contributors or ideas and we take any profession or hobbyist who wants to partake. And that’s where it gets weird. We’re a research organization with people all over the world working virtually so there are very few constraints to what we can actually research. So we try to reign it in around our mission but sometimes we just do things because somebody was curious. It’s that last part where things get really bad-ass because there’s no context.

When there’s no context that means anything can happen since we’re not constraining it to test a specific theory for security. What happens then is we might learn something spooky or strange or strangely true. Even when we end up with a security truth it can’t just be disseminated as is. It takes a lot of eloquence to take it from from a finding to practical use that can go into one of our publications like the OSSTMM. So sometimes we can’t. That’s also why we struggle to release a coherent document full of cool stuff re-written as practical steps but then it reads like stereo instructions. So in the workshop I’ll show you the behind-the-scenes footage, the stuff we refer to as the “Dark OSSTMM” which is the stuff without context so you can be equally interested or freaked out. Then I’ll show you with context. This is a bit of what it looks like behind the scenes:


Topics Research Without Context Adding Context for Practical Use
Vulnerability Management What would a defense look like that blocked every kind of attack all the time? How to measure an attack surface. How to classify threats based on operations instead of risk.
Electromagnetic Waves How electromagnetic waves affect personality, behavior, and health. Best ways to test large spectrum EM waves. Using EM waves in Social Engineering. Correlating HR data with EM maps. Analyzing EM wave collisions with business processes also using EM frequencies.
Sound waves Using HF sound waves to cause visual hallucinations. Ways to test for HF sound waves. Visual mapping of sound waves. Implementing high frequency sound waves above human perception for machine to machine communication. Using sound waves to causing chaos, confusion, and disruption within the workplace for social engineering and physical attacks.
Neurohacking Using electric signals to modify brain function. ??? We’ve got nothing yet but there’s some pretty cool stuff we can do from enhancing vision contrast to improving working memory to learning skills really quickly.
Trust What are the logical reasons we have to trust someone or something? Testing and measuring trust in people, things, third parties like Vendors and Clouds. Improving social engineering tests to include manipulated trusts. Expanding attack surface calculations to include people.
Perception Can we manipulate how people experience time with external signals or electrical impulses? ??? We’ve got no security context here yet but in some tests we found with direct contact we can increase or decrease physiological responses to hunger, wakefullness, sex, and the speed in which we perceive something.


This research is so bad-ass that it’s sometimes too bad-ass to go in the OSSTMM until we can find further context. So we share it with team members, classes, and subscribers who like to know about stuff like this, groups like: NIST, NSA, NASA, the Whitehouse, CERN, and even the Vatican.

But the point of this workshop is to make you a better security professional as well as more aware of what’s being done out there in security that’s not afraid to challenge concepts we’ve grown up with. So you can expect there will be a good deal of discussion.

Think of it this way:

If doctors worked like today’s security professionals, they’d know everything about all the ways a person could be killed and still use blood letting and leeches to heal us.

And this is what can you do with the stuff from the workshop:

  1. Bring more value to a penetration test and vulnerability scans

a) vastly increase the length of validity for the snapshot
b) analyze points of interaction
c) manage operational security controls including devops

  1. Enhance vulnerability management
  2. Identify the points of attack or points where interactions can cause problems
  3. Increase office and network efficiency by identifying unnecessary interactions
  4. Analyze third party services and vendors, including cloud using trust
  5. Be more smug for having more security dirt to dish at the watercoolers than your colleagues.


Additionally, for fun, I’ll show you how Heartbleed attacks and the latest Target hack look like according to some of our older research.

Finally, I’ll bring some neurohacking gear for workshop attendees to play with. So over-all, I can tell you this will be a bad-ass workshop.

About the Instructor

Pete Herzog is the lead security researcher and creator of the OSSTMM. His analysis of security, hacking, trust, fraud, and neuro-hacking have shown up in thousands of research papers, books, and government documents around the world. He’s passionate about hacking and figuring out how things (and people) work.


Title: The Secrets of Security with the OSSTMM
Instructor: Pete Herzog
Date: 6/4/2014, 9AM-5PM
Cost: $250

Register for this Class


Training: Metasploit for Web PenTesting

Instructor: Kizz MyAnthia

Metasploit is most commonly known for its epic pwnage of network and service level vulnerabilities. What you may not know is that same epic pwnage can be leveraged exploiting web application vulnerabilities. By leveraging the ability to custom build Metasploit modules or tools using the framework the power of Metasploit is only limited by the imagination of the user. “Into The Worm Hole: Metasploit For Web PenTesting” will build on prior knowledge of Metasploit and help elevate the tester’s skills and abilities by working hands-on building a custom scanner, using Metasploit to exploit Web Vulnerabilities, and learn to use Metasploit for phishing, XSS, and other web application vulnerabilities.

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $250.

Into the Worm Hole: Metasploit for Web PenTesting
“Into the Worm Hole: Metasploit for Web PenTesting” is an Intermediate level class and attendees should understand what Metasploit is and how to use it. A knowledge of Ruby is extremely beneficial, but some scripting experience or skill (any language) is recommended.

For more information on the class and the instructor, or to register, please see: