From the core developers of RedELK comes this 3-hour workshop that will help you gain more control over your red team operations.
For blue teamers, this will help you understand the artefacts that common investigation techniques leave behind.
Detection of detection: this will be a fun workshop!
Through a series of assignments, you will go from understanding, installing and configuring RedELK to maximising its functionality for operational oversight and for detection of blue team activities.
You can make use of a realistic lab environment including Outflank’s OST Stage1 C2 and Cobalt Strike!
Make sure to bring government-issued identification (e.g. ID card, passport, etc.). We need to validate your identification before you can make use of the export-controlled tools in the lab.
Workshop Outline
Module 1 – Basics
Module 2 – Lab environment
Module 3 – Installation
Module 4 – C2 data
Module 5 – Operational Oversight
Module 6 – RedELK alarm lvl 1
Module 7 – RedELK alarm lvl 2
Module 8 – Advanced
Who Should Attend
This workshop is suited for both red and blue team members.
We set it up in a way that we can welcome both beginners and advanced red teamers, blue teamers and RedELK users.
Technical / Hardware / Software Requirements
Delegates will need to bring their own system that can do SSH, RDP and web browsing.