Open seamustuohy opened 5 years ago
Archiving Content
Fake Video/Photos
Censorship Measurement
Everything from Etienne's work here => https://github.com/Te-k/how-to-quick-forensic/blob/master/Windows.md
What can we build off of from the Champions Curricula? (https://github.com/securityfirst/championscurriculum) It targets a population with a similar skill level as the ones we are looking to target.
Compromised WordPress (suggested by @Te-K over email)
Copying @rorymbyrne from #19:
Hey guys,
How about having users do a basic vulnerability assessment as a topic? Maybe something like show users how to do a Nessus/OpenVAS report and output it?
Puzzles which are guiding users through configuring security, privacy, or incident checking on their accounts so the players learn how to do it themselves as well.
<Quick addition here since I'm away from my personal computer with my local code>
What can we build off of from the Champions Curricula? (https://github.com/securityfirst/championscurriculum) It targets a population with a similar skill level as the ones we are looking to target.
Sure thing. It needs to be updated a bit as the project got put on hold a bit but there should definitely be a few useful things in there.
How about some very very basic forensic tools?
- Cybertriage is great and pretty straightforward and has a ton of functionality, including, if I remember, how to take an easy memory image
- Process Explorer is pretty simple to use, take a snapshot and compare
- TCPView, Autoruns are both pretty simple
https://Any.Run and https://www.joesandbox.com are also useful tools that offer both more visual and more information than VirusTotal.
- Cleaning a device for travel. (Likely too difficult to make this into an activity. We would need multiple devices and a way to score what they deleted and didn't. Also, the compromises between a purged device and productivity are hard to score for.)
Not quite the same, but device recovery after suspected compromise (thinking of scenarios where someone may have traveled and suspects there is malware etc. because of unusual performance, and wants to restore their device with minimal data loss)
How about some very very basic forensic tools?
- Cybertriage is great and pretty straightforward and has a ton of functionality, including, if I remember, how to take an easy memory image
- Process Explorer is pretty simple to use, take a snapshot and compare
- TCPView, Autoruns are both pretty simple
I like this, it should be pretty easy to generate a few compromised machines and have people search for malware (only question is VM size and Windows licenses). I have written a guide that can be helpful for that https://github.com/Te-k/how-to-quick-forensic/blob/master/Windows.md
Shortened Links Challenge Items
site:twitter.com "bit.ly/HRWInfoSecTech"