Scott Cook
Scott Cook is a former Air Force Cyber Defense Operator who conducted and led several defensive and offensive cyber operations on both IT and OT/ICS mission systems. He performed web application pentesting and red teaming for the Coast Guard. He held a position at Capital One conducting tactical cyber threat intelligence, reverse engineering, and detection engineering. Scott is the Owner/Founder of RedHackBlue.
Session
Unleash your inner hacker and defender in this hands-on workshop! Dive into the dark art of crafting Windows and Linux rootkits, then switch gears to learn malware analysis and reverse engineering of those rootkits. This workshop will go from static analysis with tools like Binary Ninja and DetectItEasy to dynamic analysis, decrypting payloads and extracting critical IoCs. It doesn't stop there: you'll build detection rules with tools like YARA, ClamAV, OSQuery, OSSEC, OpenEDR, and Snort signatures to hunt down those rootkits. Cap it off by integrating your defenses into Elasticsearch and a Kibana dashboard. Perfect for aspiring red and blue teamers who want to learn over a dozen different open-source tools.