BEGIN:VCALENDAR
PRODID:-//vBulletin 6//EN
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
UID:2bb3d77c-e1eb-43c7-b142-e1a5732f8b20
DTSTAMP:20260517T123427Z
SUMMARY:OpenSOC Blue Team CTF - Friday
DESCRIPTION:OpenSOC is a Digital Forensics\, Incident Response (DFIR)\, and
  Threat Hunting challenge meant to teach and test practical incident respo
 nse skills in an environment that closely resembles a real enterprise netw
 ork. This virtual environment is representative of what you would find in 
 an enterprise network\, including: workstations\, servers\, firewalls\, em
 ail\, web browsing\, user activity\, etc. Simulated users are browsing the
  Internet\, downloading files\, watching videos\, and accessing LAN resour
 ces. This creates a high-fidelity training environment for unleashing real
 -world attacks and testing responders’ abilities to filter and detect ma
 licious activity on the network. This isn’t just another CTF. We’ve bu
 ilt this platform to train real-world responders to handle real-world situ
 ations\, and each year we incorporate new scenarios that are modeled after
  threat actors and breaches experienced by the OpenSOC team. From APT atta
 cks using 0-days and heavily weaponized shellcode to sneaky lateral moveme
 nt and exfiltration techniques\, we expose contestants to a wide-range of 
 techniques that we see actively used in the wild.
  We encourage team partici
 pation\, and always have folks on hand to assist those just getting starte
 d out.
  Even better - 100% of the security tools demonstrated within OpenSOC
  are Free and/or Open Source! These projects include Velociraptor\, Sysmon
 \, osquery\, Suricata\, Moloch\, pfSense and Graylog + ELK bringing it all
  together in an awesome way. This allows our contestants to not only have 
 fun at DEF CON\, but also learn skills and tools they can take back to wor
 k on Monday.\n\nThe Challenge:· Given an initial IOC (indicator of compro
 mise)\, identify attacks that are being carried out against and within the
  enterprise environment\, pivoting between key artifacts· Trace the attac
 kers throughout the kill chain\, submitting key IOCs and observables to th
 e scoreboard as you reveal their tactics.· Reverse engineer any artifacts
  connected to hostile activities.· Perform forensics analysis on PCAPs (P
 acket Captures)\, memory images\, etc.· Win awesome prizes\, learn new sk
 ills\, and get experience with some of the best Open Source tools for SecO
 ps!\n\nhttps://forum.defcon.org/node/232949\n\nhttps://discord.com/channel
 s/708208267699945503/711644213170667562\n\n@Recon_InfoSec\n\nhttps://opens
 oc.io
URL:https://forum.defcon.org/node/233469
DTSTART:20200807T170000Z
DTEND:20200808T020001Z
LOCATION:https://discord.com/channels/708208267699945503/711644213170667562
END:VEVENT
END:VCALENDAR
