This information is from a previous year. Please visit shellcon.io for up to date information.

ShellCon U
  • Training registration is free, but is only open to currently registered ShellCon attendees.
  • You will need the Order ID that was sent to you in the Order Confirmation email from orders@linuxfests.org.
  • If you have been registered as a sponsor, volunteer, veteran or speaker, you won't have that email, so enter SPONSOR, VOLUNTEER, VETERAN, GUEST or SPEAKER, and we'll look it up for you.
  • Training registrations without a valid Order ID will be canceled and someone from the waitlist will be selected.
  • Once your workshop registration has been validated, you will receive a confirmation via email.
Click here to sign
up for free training!

  • Track ShellCon U (Beacon): Friday 1000-1250

Sponsored by: Hacker House

Hacker House Penetration Testing workshop aimed for entry-level technicians looking to develop offensive skills. Are you seeking to better understand cyber security topics and gain practical experience? Interested in bug bounties and expanding your career but wondering where to begin? Hacker House will provide an introduction to penetration testing in a hands-on format, taking the student through the steps necessary to conduct a security assessment against Internet technologies. Our course requires a knowledge of Linux, TCP/IP basics, familiarity with a command line and any laptop capable of running a VM. Hacker House will provide a lecture and practical demos on penetration testing for attending students.

hackerhouse

A professional services company providing cyber security assurance services through applied hacking. Hacker House provides online and workshop training to expand knowledge transfer and assist businesses understanding of cyber security.

...
Read More
  • Track ShellCon U (Beacon): Friday 1330-1450

Sponsored by: SANS Institute

This training session will have a sneak preview of SANS’ new Security 699: Advanced Threat Emulation and Attack Simulation.

After a brief introductory lecture on the scenario, it will be primarily hands-on attack emulation and testing of defensive controls. This scenario is based off observed Tactics, Techniques, and Procedures (TTPs) attributed to the group known as APT-30. We will simulate a selection of these TTPs against an environment that includes Azure AD and third-party Active Directory integrations. This session will have participants testing defenses against real-world attacks. Participants need to bring a laptop with VMware or Virtualbox to run a single VM (provided) that interacts with the target environment (also provided).

Attack Highlights:

  • Modern Spearphishing with PDFs
  • Lateral Movement in the enterprise
  • Malware driven Command and Control

SANS Institute

James Shewmaker has over 20 years of technical experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is the founder and...
Read More

  • Track ShellCon U (Beacon): Friday 1500-1620

Sponsored by: SANS Institute

This training session will have a sneak preview of SANS’ new Security 699: Advanced Threat Emulation and Attack Simulation.

After a brief introductory lecture on the scenario, it will be primarily hands-on attack emulation and testing of defensive controls. This scenario is based off observed Tactics, Techniques, and Procedures (TTPs) attributed to the group known as APT-30. We will simulate a selection of these TTPs against an environment that includes Azure AD and third-party Active Directory integrations. This session will have participants testing defenses against real-world attacks. Participants need to bring a laptop with VMware or Virtualbox to run a single VM (provided) that interacts with the target environment (also provided).

Attack Highlights:

  • Modern Spearphishing with PDFs
  • Lateral Movement in the enterprise
  • Malware driven Command and Control

SANS Institute

James Shewmaker has over 20 years of technical experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is the founder and...
Read More

  • Track ShellCon U (Beacon): Friday 1630-1700

Brief presentations about training, higher education, and employment around the ShellCon community. We are interested in spreading the word about things like career opportunities, internships, scholarships, and training discounts. If you would like to present in this event, send a request to RaiseMe@shellcon.io

Scheduled Talks:

  • The Coastline College CCAP Program
    • Dr. Brandon R. Brown (ProBro)
  • Webster University’s Yellow Ribbon Program
    • Malia Mason
  • Remote Job Opportunities at Tanium
    • Merissa Villalobos
  • Track ShellCon U (Beacon): Saturday 1000-1120
  • Slides

The Infosec industry is an eccentric field, and you may have found that following standard job placement advice has you in a stall. Whether you’re a security professional looking for a new situation, or just trying to break in, we’ll work with you in real time on your resume language and your job hunting situation, and you’ll get group feedback and support. We’ll also tell you about the job hunting dogma you need to avoid. Some of the people who have met in these groups stay in contact with each other long after the event is over, and return to give us good news about progress in their careers.

Lori joined her first Internet startup as a senior system administrator. When that company went public, she was hooked, and helping smaller firms prevail against well established rivals has been...
Read More

Merissa Villalobos, has been a Cybersecurity Recruitment professional for over 10 years and she has built a national Talent Acquisition department from the ground up, managed a global recruiting team...
Read More

  • Track ShellCon U (Beacon): Saturday 1130-1250
  • Slides

Many candidates have come to us frustrated by the number of interviews they’ve attended without getting any job offers. Or because they need help getting over interview anxiety. Also, often times candidates don’t realize that when they receive an offer, they are expected to negotiate. A well-understood negotiation is essential in order to settle on a set of compensation parameters and working conditions that will make them happy, and commit to the company for the long run. This training is in a group environment to offer maximum support and feedback.

Lori joined her first Internet startup as a senior system administrator. When that company went public, she was hooked, and helping smaller firms prevail against well established rivals has been...
Read More

Merissa Villalobos, has been a Cybersecurity Recruitment professional for over 10 years and she has built a national Talent Acquisition department from the ground up, managed a global recruiting team...
Read More

  • Track ShellCon U (Beacon): Saturday 1300-1420

Sponsored by: Vertical Sysadmin, Inc.

Integrating security with the development and deployment process begins with a fundamental understanding of the tools DevOps uses. This competence is highly desired by companies, but often missing in the Information Security discipline. Get your DevOps down with this LPI DevOps Tool Engineer lead by Aleksey Tsalolikhin, Vertical Sysadmin, Inc..

This content is for infosec engineers working in a DevOps environment with Software Engineering, Container Deployment, Configuration Management and Monitoring. Even attendees who aren’t exam bound will appreciate learning about Blue Team tools like Docker, Vagrant, Ansible, Puppet, Git, and Jenkins.

Aleksey will field technical questions and help prepare attendees for taking the exam. He will explain the importance of understanding the objectives, the test structure, and how obtaining the certification is professionally beneficial. Bring your questions!

Exam Objectives

Vertical Sysadmin, Inc.

Aleksey Tsalolikhin has been a UNIX/Linux system administrator for 20 years, starting at EarthLink in the mid-nineties. Aleksey’s mission is increasing efficiency, productivity and quality of life of engineers through...
Read More

  • Track ShellCon U (Beacon): Saturday 1430-1550
  • Slides

Sponsored by: Vertical Sysadmin, Inc.

We’ve all heard of the shell, and we’ve all used it at least a little bit. But what IS a shell, really? What makes shell scripting fundamentally different from any other programming language? What really happens when you type a command into your shell–and how does this relate to the mistake found in over 50% of production shell scripts? Attend this talk, demystify the shell and learn to use it right!

This presentation will give particular attention to security, such as dangers of globbing and dangers of unquoted variables. The instructor will also take questions- adjusting to the skill level of attendees, each class can go deep and will be unique.

Vertical Sysadmin, Inc.

Mike Weilgart has loved maths and computers all his life. He worked in a variety of positions including software QA, calculus teacher, and graphic design, before resolving to put his...
Read More


© 2019 ShellCon