DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

OpenSOC Blue Team CTF - Friday

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSOC Blue Team CTF - Friday

    OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is representative of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing responders’ abilities to filter and detect malicious activity on the network. This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations, and each year we incorporate new scenarios that are modeled after threat actors and breaches experienced by the OpenSOC team. From APT attacks using 0-days and heavily weaponized shellcode to sneaky lateral movement and exfiltration techniques, we expose contestants to a wide-range of techniques that we see actively used in the wild.We encourage team participation, and always have folks on hand to assist those just getting started out.Even better - 100% of the security tools demonstrated within OpenSOC are Free and/or Open Source! These projects include Velociraptor, Sysmon, osquery, Suricata, Moloch, pfSense and Graylog + ELK bringing it all together in an awesome way. This allows our contestants to not only have fun at DEF CON, but also learn skills and tools they can take back to work on Monday.

    The Challenge:· Given an initial IOC (indicator of compromise), identify attacks that are being carried out against and within the enterprise environment, pivoting between key artifacts· Trace the attackers throughout the kill chain, submitting key IOCs and observables to the scoreboard as you reveal their tactics.· Reverse engineer any artifacts connected to hostile activities.· Perform forensics analysis on PCAPs (Packet Captures), memory images, etc.· Win awesome prizes, learn new skills, and get experience with some of the best Open Source tools for SecOps!

    https://forum.defcon.org/node/232949

    https://discord.com/channels/7082082...44213170667562

    @Recon_InfoSec

    https://opensoc.io
    Starts
    August 7, 2020 09:00
    Ends
    August 7, 2020 18:00
    Location
    https://discord.com/channels/708208267699945503/711644213170667562
Working...
X