Title: Velociraptor: An Introduction Into OpenSOC CTF Tools

Learn. Play. Do

We then demonstrate some of the major features that you can use to rapidly investigate, triage and contain adversaries on your network.

Try Velociraptor by downloading it from Github at https://github.com/Velocidex/velociraptor

Every year the Blue Team Village hosts OpenSOC. A unique defense CTF meant to teach and test practical incident response skills in an environment that's as close to "the real thing" as it gets.

This year BTV wanted to do more. We know that some Blue Teamers might be unfamiliar with some of the tools used by OpenSOC. And we didn't want that to keep anyone from playing this incredible defense simulation.

So this year we are dedicating all day Thursday to demo the various OpenSOC tools, before OpenSOC starts on Friday. These are tools like Graylog, Moloch, Zeek, Osquery, and others that Blue Teamers rely on every day to defend their networks against attackers.

That means that after you LEARN the tools, you can PLAY the OpenSOC CTF, and then take that knowledge back to your own Blue Team to DO the work of defending your network.

Speaker(s): Mike Cohen

Location: Blue Team Vlg / Blue Team Vlg - Workshop Track 1

Discord: https://discord.com/channels/7082082...54317658734613

Event starts: 2020-08-06 14:15 (02:15 PM) PDT (UTC -07:00)

Event ends: 2020-08-06 15:00 (03:00 PM) PDT (UTC -07:00)

For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-02T23:17 (UTC).