Lab Village

BSidesCharm 2018 will try something new that I am calling Lab Village. The idea is to have hands-on technical labs for open source infosec tools and, at various times throughout the day, someone who uses that tool for a living showing how they would solve that exercise. It is extremely difficult to explain in a generic sense how to tell when an assumption you made is incorrect, but in specific situations it is significantly easier.

We need volunteers to build hands-on labs and to do live analysis. If you are interested in helping, please contact me on Twitter or email Forgotten ForgottenSec com!

My dream is to cover the major open source DFIR tools like:

  • Snort/Suricata IDS
  • Bro IDS
  • Argus
  • Autopsy/Sleuth Kit
  • Volatility
  • Wireshark/Network Miner/Xplico
  • Windows Logs – no specific tool, but … lots to do here

Lab builders will end up helping to build the following:

  • Memory Image(s) with Malware
  • Hard Drive Image(s) with Malware
  • PCAPs with:
    • C2
    • Data Exfil + Profile of Normal
    • Malicious Web Traffic
    • And so on
