https://wiki.hope.net/api.php?action=feedcontributions&feedformat=atom&user=EbiddlecomeHOPE Wiki - User contributions [en]2026-04-26T17:27:45ZUser contributionsMediaWiki 1.43.3https://wiki.hope.net/index.php?title=Intro_to_Attack_Techniques_workshop&diff=546Intro to Attack Techniques workshop2020-07-23T21:54:44Z<p>Ebiddlecome: Incident Response and the ATT&CK Matrix Workshop</p>
<hr />
<div>Learn how to take over Windows, Linux, and Android systems, and how to<br />
defend them. We begin with common tools: Nmap, Metasploit, and<br />
Armitage, and then go into buffer overflows, packet crafting, command<br />
injection, and SQL injection.<br />
<br />
No previous experience with programming or attacking is required.<br />
<br />
Participants need a credit card and a few dollars to rent Google Cloud<br />
servers. We will use Debian Linux and Windows Server 2016 systems. All<br />
the tools we will use are freely available, and all the training<br />
materials will remain available to everyone after the workshop ends.<br />
<br />
Visit [https://samsclass.info/ samsclass.info] to access the workshop materials.</div>Ebiddlecomehttps://wiki.hope.net/index.php?title=Securing_Web_Apps_workshop&diff=545Securing Web Apps workshop2020-07-23T21:52:41Z<p>Ebiddlecome: Created page with "Participants will attack Web applications with: command injection; SQL injection; Cross-Site Request Forgery; Cross-Site Scripting; cookie manipulation; and Server-Side Templa..."</p>
<hr />
<div>Participants will attack Web applications with: command injection; SQL<br />
injection; Cross-Site Request Forgery; Cross-Site Scripting; cookie<br />
manipulation; and Server-Side Template Injection. We will also exploit<br />
Drupal and SAML. We will then implement network defenses and<br />
monitoring agents. We will use Burp, Splunk, and Suricata.<br />
<br />
Prerequisites: participants should know basic security and networking.<br />
Experience with Web development is helpful but not necessary.<br />
<br />
The workshop is structured in a CTF format. Each participant works at<br />
their own pace. The techniques will be demonstrated, with complete<br />
step-by-step instructions to lead beginners through the easy<br />
challenges. There are also harder challenges for more experienced<br />
participants. We will help participants as needed, to ensure that<br />
everyone learns new techniques.<br />
<br />
Participants need a credit card (which won't be charged) to reserve a<br />
free Google Cloud server. All the tools we will use are freely<br />
available, and all the training materials will remain available to<br />
everyone after the workshop ends.<br />
<br />
Visit [https://samsclass.info/ samsclass.info] to access the workshop materials.</div>Ebiddlecomehttps://wiki.hope.net/index.php?title=Incident_Response_workshop&diff=544Incident Response workshop2020-07-23T21:49:29Z<p>Ebiddlecome: Incident Response and the ATT&CK Matrix Workshop</p>
<hr />
<div>Practice techniques to detect, analyze and respond to intrusions. We<br />
will construct targets and attackers on the Google cloud, and send<br />
attacks using Metasploit and Caldera to emulate APT attackers. We will<br />
monitor and analyze the attacks using Splunk, Suricata, Sysmon,<br />
Wireshark, Yara and online analysis tools including PacketTotal and<br />
VirusTotal.<br />
<br />
We will cover the ATT&CK Matrix in detail, which enumerates threat<br />
actors, tactics and techniques, so red and blue teams can better<br />
communicate and work together to secure networks.<br />
<br />
The workshop is structured in a CTF format. Each participant works at<br />
their own pace. The techniques will be demonstrated, with complete<br />
step-by-step instructions to lead beginners through the easy<br />
challenges. There are also harder challenges for more experienced<br />
participants. We will help participants as needed, to ensure that<br />
everyone learns new techniques.<br />
<br />
Participants need a credit card and a few dollars to rent Google Cloud<br />
servers. We will use Debian Linux and Windows Server 2016 systems. All<br />
the tools we will use are freely available, and all the training<br />
materials will remain available to everyone after the workshop ends.<br />
<br />
Visit [https://samsclass.info/ samsclass.info] to access the workshop materials.</div>Ebiddlecomehttps://wiki.hope.net/index.php?title=Incident_Response_workshop&diff=543Incident Response workshop2020-07-23T21:25:14Z<p>Ebiddlecome: Incident Response and the ATT&CK Matrix Workshop</p>
<hr />
<div>Practice techniques to detect, analyze and respond to intrusions. We<br />
will construct targets and attackers on the Google cloud, and send<br />
attacks using Metasploit and Caldera to emulate APT attackers. We will<br />
monitor and analyze the attacks using Splunk, Suricata, Sysmon,<br />
Wireshark, Yara and online analysis tools including PacketTotal and<br />
VirusTotal.<br />
<br />
We will cover the ATT&CK Matrix in detail, which enumerates threat<br />
actors, tactics and techniques, so red and blue teams can better<br />
communicate and work together to secure networks.<br />
<br />
The workshop is structured in a CTF format. Each participant works at<br />
their own pace. The techniques will be demonstrated, with complete<br />
step-by-step instructions to lead beginners through the easy<br />
challenges. There are also harder challenges for more experienced<br />
participants. We will help participants as needed, to ensure that<br />
everyone learns new techniques.<br />
<br />
Participants need a credit card and a few dollars to rent Google Cloud<br />
servers. We will use Debian Linux and Windows Server 2016 systems. All<br />
the tools we will use are freely available, and all the training<br />
materials will remain available to everyone after the workshop ends.</div>Ebiddlecome