Skip to main content

Introducing SAINTCON Trainings!   For many years, SAINTCON has coupled trainings into the middle of the conference event which limited the time that attendees could spend doing all of the other conference activities.  We have listened to the feedback, and this year will be our first year introducing SAINTCON TRAININGS as an independent event.


Register Now for trainings in your SAINTCON Account.  See our FAQ for login details.

Individual signups for trainings will be required at time of registration.  In order to incentivize the best trainers and trainings, we will be charging a nominal fee for participation in the selected training.  Fees cover Materials, Trainer Honorarium, and Lunch for Training Day

SAINTCON Trainings Lineup

Pentesting from start to finish

Michael Butler – VP Stage2 Security

Cost: $300/Person       Duration: Full Day        Max Class size: 50

Monday October 23, 2023 9am-6pm MDT

Dive into offensive security through 8 hours of in-depth training on the most common tools and techniques penetration testers need to know. Learn how to plan an attack, divide an engagement into phases, define goals and requirements, and of course execute a full penetration test from the initial scans to pivoting inside an internal network.

Instructor Bio:
Michael Butler is a vice president and security researcher at Stage 2 Security where he leads, hacks, and does some development in his spare time. Michael has worked in the offensive security field for nearly 10 years which includes time working for the US Army, NSA, Cyber Command, and several commercial cyber security companies. Michael holds several awards and certifications (e.g. CISSP, GPEN, etc).

Active Directory: Elevate your Domain Security

Jim Shakespear – Director of IT Security, SUU

Cost: $300/Person       Duration: Full Day        Max Class size: 50

Monday October 23, 2023 9am-6pm MDT


Training Part 1: Students will participate in a dedicated Active Directory network to penetrate the domain. During this session, students will use red team tools like Mimikatz and Bloodhound, techniques such as Kerberoast and DCSync, and go through the steps of a penetration assessment. All tools will be run through a Windows VM. To wrap up the assessment, students will help report on issues found in the environment that can be addressed in part 2.

Training Part 2: Students will participate in a dedicated Active Directory network that has undergone a recent penetration assessment. Based on the results of the assessment, students will implement improvements to the Active Directory domain and test if their actions improve their domain security. Most improvements will be deployed using Group Policy. Some additional tools and discussions for assessing/improving security of the domain will include PingCastle, Purple Knight, Bloodhound, NetCease, and privileged account separation.


Students will need a basic background in Windows and network infrastructure as well as some command-line experience (both cmd and PowerShell). Please bring a laptop with a hypervisor installed and capable of running a Windows 10 VM. It is preferred if you have a base Windows VM already installed that can be joined to the Active Directory environment during the training. Please visit to download an evaluation copy of Windows 10, if needed.

Instructor Bio:
Jim has been a member of SAINT since 2012, when he started full-time at Southern Utah University. He’s had various roles in our IT department, and currently head cybersecurity initiatives.

Incident Response with Jupyter Notebook

Michael Taggart – Educator/Threat Hunter

Cost: $150/Person       Duration: Half Day        Max Class size: 50

Monday October 23, 2023 2pm-6pm MDT


Sometimes, the logs you need to investigate an incident are not where you’d like them to be. When that happens, it can be difficult to corral all the data you need to understand what happened. This workshop will demonstrate how to use the power of Python and Jupyter to analyze logs and artifacts, extract indicators of compromise, and tell the story of a breach.

Participants will learn the basics of working with Jupyter and work together to investigate a simulated website compromise.

Instructor Bio:
Michael Taggart is a career technologist and educator, with over a decade of experience building software and IT systems and training others how to do the same. Currently a Senior Cybersecurity Analyst for UCLA Health, Taggart spends his days hunting and emulating threat actors. At night, he streams cybersecurity content on Twitch. Before pivoting to infosec, he had worked as a computer science instructor, contract web developer, and Director of Technology for multiple schools.

Taggart holds a Bachelor’s in English and Creative Writing from Ursinus College, and a Master’s Degree in Education Leadership from the University of Pennsylvania. Certifications include: LFCS, Security+, CISSP, eCTHPv2, CRTO, and eWPT.

Phishing: Beyond Credential Harvesting Workshop

Brad Horrocks – UVCyber, Adversary Simulation Operator

Cost: $150/Person       Duration: Half Day        Max Class size: 50

Monday October 23, 2023 2pm-6pm MDT


Phishing has evolved to require more than just a form that collects credentials. Emails need to look legitimate, landing pages need to match, and MFA is now standard practice. Lets walk through setting up Gophish, acquiring domains, designing emails, and using Modlishka to bypass MFA. This will allow us to not only get credentials, but session information for a typical SSO.

Instructor Bio:
Brad enjoys learning, finding/exploiting software bugs, and writing code. He has spent his 18 year career honing his skills in building, defending, and breaking various Internet connected services. Currently leads the Adversary Simulation Team at UVCyber. Former notable employers include: Automattic/Tumblr, Instructure, and Workfront.

Intro to Cloud Automation with Terraform.

David Thurm – Cyber Security Architect

Cost: $50/Person       Duration: 2 Hour        Max Class size: 20

Monday October 23, 2023 9am-11am MDT


Intro to Cloud Automation with Terraform. The training will include all steps to create a new cloud Linux server with the GUI followed up by learning to code everything we just did deployment with terraform. No Experience Required.


Requires your own free AWS account. We can assist an hour before the course to set this up with you.

Instructor Bio:
David Thurm (@davidthurm) loves helping organizations adopt new ways of thinking about security. Currently, a Cyber Security Architect at Accenture Federal Services, he is assisting Federal Departments in meeting the executive orders around Zero Trust. He has spoken at many conferences and is an original member of UtahSAINT.

Better with Burpsuite: Web Application Pentesting

Nathan Smith – A little bit of it all
Jacob Smith – Webcheck Security, Penetration Tester

Cost: $150/Person       Duration: Half Day        Max Class size: 50

Monday October 23, 2023 9am-1pm MDT


Delve into the mechanics of Burpsuite in this comprehensive, hands-on training. Crafted for anyone with a passion for cybersecurity, this course promises a practical approach to explore the multifaceted aspects of Burpsuite and its potential to detect security vulnerabilities in web applications.

Key Learning Areas include:

– Demystifying Configurations: Understand the significance of properly configuring Burpsuite to streamline your penetration testing processes. Learn to optimize settings, tailor parameters to your needs, and prepare the environment for efficient and effective security assessments.

– Exploring the Scanner: Discover the power of Burpsuite’s Scanner. Get acquainted with its ability to automate the detection of vulnerabilities and learn how to interpret the results it generates, enriching your penetration testing toolkit.

– Unleashing the Repeater: Harness the Repeater’s potential to manipulate and resend individual requests, and understand how it can be used to uncover hidden security flaws in a system.

– Commanding the Intruder: Grasp the intricacies of the Intruder and its role in automating custom attacks on web applications. Delve into the diverse attack types and the key situations where each can be most effectively applied.

– Employing Extensions: Master the extension capabilities of Burpsuite. Learn how to expand Burpsuite’s core functionality with custom scripts and third-party extensions to address unique security testing challenges.

– Interpreting the Logger: Dig deep into the Logger’s functions, exploring how it tracks requests and responses, and how this data can be leveraged to reveal crucial insights during a penetration test.

Emphasizing the practical application of skills, this course will prepare you to utilize Burpsuite for detecting common vulnerabilities in real-world scenarios, empowering you to perform more effective penetration tests and red team engagements. You’ll come away with enhanced skills in leveraging Burpsuite’s capabilities, ultimately boosting the robustness and sophistication of your security testing processes.

To ensure the most effective learning experience and engagement during the training course, attendees should meet the following prerequisites:

– Prior Experience: Familiarity with the basics of penetration testing and cybersecurity concepts. Prior experience using Burpsuite would be advantageous but is not compulsory.

– Technical Skills: Basic to intermediate knowledge of network protocols (HTTP/HTTPS), understanding of web technologies (HTML, JavaScript, CSS), and familiarity with web application structures and behavior.

– Coding Proficiency: While the course is primarily designed to leverage Burpsuite’s user interface, some sessions may involve scripting. Hence, a working knowledge of Python 3 or any other scripting language could be beneficial.

– Hardware Requirements: A laptop or personal computer with sufficient processing power and memory to run Burpsuite smoothly. Also, ensure to have administrative access to install necessary software and tools.

– Software Requirements: The latest version of Burpsuite installed on your device. The operating system could be Windows, Linux, or Mac OS.

– Internet Connection: A reliable internet connection for downloading necessary materials and tools, as well as for interactive sessions during the course.

By meeting these prerequisites, you will be well-positioned to extract maximum value from the training, as the course assumes a baseline understanding of these areas and builds upon it to delve into more advanced concepts and techniques with Burpsuite.

Instructor Bio:

Nathan has been doing web application testing for a number of years and is now the Director of Information Security for a company. He enjoys both sides of red and blue teaming. When not doing that he loves getting outdoors with his family.

Jacob has been using Burpsuite to help compromise web application’s as a contract Penetration Tester for over a year.