Red Team Hunt Event

When:  Nov 12, 2020 from 09:00 to 15:30 (ET)
Associated with  New York Metropolitan Chapter
What: Red Team Hunt
Presented by: ISACA New York Metropolitan Chapter
Conducted by: Vectra.ai
When: Thursday November 12th 2020, 9am-3:30pm
Where: Online on Zoom (information provided once registered)
Open to: ISACA New York Metropolitan Chapter members, ISACA student clubs, and other associations in the area.
Event Fee: Free
To register: https://www.cvent.com/d/f7q4y7/1Q

Registration closes on 11/5/2020 or when Event reaches capacity

Event Info:
What is a Red Team Hunt?
Fun way to challenge your offensive skills
OR
An educational lab to learn more about cyber threats!
Hands-on, interactive scavenger hunt, where players or teams complete a series of challenges.

About the Game:
Requirements:
− No mad hacking skills required to play, though skills help
− Please identify yourself as

Beginner
• You understand network concepts such as DNS, DHCP, RDP, TLN, etc.
• You have a basic understanding of IP Addressing schemes
• You worked with firewalls, proxy servers and routers
• You can connect via SSH to a Linux device
• You know basic Linux shell commands
• You would like to expand your IT security knowledge

Intermediate
• You worked with Logs and can find what you are looking for
• You can create multiple Firewall rules
• You successfully identify traffic types on your network such as SMBv1
• You can monitor a host’s activity
• You have implemented (or assisted with) the security architecture at your organization
• You may have taken SANS training or similar industry training

Advanced
• You understand forensics analysis of metadata and PCAPs
• You can build signatures for malware and/or exploit detection
• You have a strong command of the Linux shell and possibly scripting
• You have successfully run attack and penetration tests
• You have run hacking tools such as Empire
• You can find a C&C, Recon, Lateral Movement and Exfiltration across a network
• You may have advanced certifications for SANS or OSCP

− You will be hunting in a team of 4. We will do our best to team up beginners with intermediate and advanced hunters.
− If you are joining the hunt with colleagues or classmates or friends and would like to be on the same team please list their names and we will try to accommodate your request.

 What is in it for participants?
− Fun, hands-on game… what better way to spend your day?
− 7 hours of CPE credits for players

 Prizes for Top Scores:
− 1st $150 virtual cash prize or donation to charity of your choice
− 2nd $150 virtual cash prize or donation to charity of your choice
− 3rd $150 virtual cash prize or donation to charity of your choice


Scoreboard and Challenges

 Types of Challenge Categories:
− Botnet
− Command and Control
− Reconnaissance
− Lateral Movement
− Exfiltration
 Examples/Types of Behaviors:
− Hidden HTTP(S) Tunnel
− Port Scan
− Suspicious LDAP Query
− Automated Replication

 Challengers will be ranked by:
− Points scored – to determine winners
− “Worst Offenders”
− “Biggest Movers”




Informational Session
When: November 9th at 7PM.
Where: Zoom
