Incident Response and the ATT&CK Matrix 2020 CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.


Final Scores for Cyber June'Gle 2020

Videos from CircleCityCon 2020

Scores from CircleCityCon 2020

Defending Linux Servers

ED 200: Google Cloud Linux Server  15
IR 201: Splunk & Suricata  45
IR 202: Metasploit & Drupalgeddon  85
IR 308: osquery  15

Prepare a Windows Server
Do One of These

H 220: Windows Virtual Machine  15
H 221: Google Cloud Windows Server  10

Defending Windows

IR 301: Installing Splunk on a Windows Server  15
IR 330: Detecting Ransomware with Splunk and Sysmon  20
IR 303: Capturing RAM from a Process  15
IR 304: VirusTotal & Wireshark  35
IR 305: PacketTotal  45
IR 306: Yara  40
IR 307: Prefetch Forensics  15
IR 340: GRR Rapid Response  25
IR 350: Zeek Interactive Tutorial  59
IR 351: Installing and Using Zeek  25

ATT&CK Matrix

Reference: ATT&CK Matrix for Enterprise
ATT 1: ATT&CK Tactics  10
ATT 2: ATT&CK Techniques for Tactics 1-3  10
ATT 3: ATT&CK Techniques for Tactics 4-6  10
ATT 4: ATT&CK Techniques for Tactics 7-9  10
ATT 5: ATT&CK Techniques for Tactics 10-12  10
ATT 6: ATT&CK Groups  10
ATT 7: ATT&CK Navigator  10
ATT 100: Caldera  25+
ATT 101: Caldera Operation  15

Splunk Boss of the SOC

BOTSv1: Threat Hunting with Splunk  325

Basics

H 101 - 104: Binary Games  20
LJ: Linux Journey  83
B: Bandit Challenges  230
U-Cen and U-Cyb: PowerShell  75
Linux Unhatched: Free Course  
ICSI | Certified Penetration Tester: Free Course  

Metasploit

H 310: Metasploit v. ActiveMQ  20
H 311: Adding a Custom Exploit to Metasploit  15
H 312: Writing a Custom Metasploit Module  25
H 320: Creating a Trojan with Metasploit  15

Networking

H 410: Nmap  40
H 420: Wireshark  110
H 430: Scapy  20

Posted 6-12-2020
IR 340 added 6-19-2020
IR 350 added 6-21-2020
IR 351 added 6-26-2020