The Bug Hunters Methodology Full 2-hour Training by Jason Haddix Red Team Village 2020-08-30 | The Bug Hunter's Methodology Full 2-hour Training by Jason HaddixTwitter: twitter.com/redteamvillage_Discord: discord.gg/redteamvillageWebsite: redteamvillage.io
DC32 - Red Team Village - Recap Red Team Village 2024-08-29 | Thank you to everyone who attended the village this year at DEF CON! Another huge thank you to our core team, sponsors, volunteers, goons, and DEF CON! Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Amazon Red Team Village 2024-08-01 | Thank you Amazon for being a platinum sponsor! For more information about Amazon, please visit https://amazon.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Kindo Red Team Village 2024-07-28 | Thank you Kindo for being a platinum sponsor! For more information, please visit https://kindo.ai. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
RTV x Flare - An Introduction to Flare Red Team Village 2024-07-27 | The Red Team Village Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Core Team Red Team Village 2024-07-26 | Check out our amazing core team! Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Horizon3.ai Red Team Village 2024-07-26 | Thank you for being one of our platinum sponsors! Additional information about Horizon3.ai can be obtained from https://www.horizon3.ai.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Flare Red Team Village 2024-07-17 | Thank you for being a Diamond sponsor! For additional information about Flare, please visit https://flare.io.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x Optiv Red Team Village 2024-07-17 | Thank you for being one of our sponsors! Additional information about Optiv can be obtained from https://optiv.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC32 - Red Team Village x White Knight Labs Red Team Village 2024-07-09 | Thank you for being one of our platinum sponsors! Additional information about White Knight Labs can be obtained from https://whiteknightlabs.com.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
RTV x BC Security - An Introduction to CTFs Red Team Village 2024-06-15 | The Red Team Village Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Recap Red Team Village 2023-08-24 | Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
HackerOne x Red Team Village Red Team Village 2023-08-07 | Thank you HackerOne for Sponsoring the Red Team Village!Additional information about HackerOne can be obtained from hackerone.comThe Red Team Village Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Hack The Box Red Team Village 2023-08-02 | Additional information about Hack The Box can be found at hackthebox.euRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Meta Red Team Village 2023-08-01 | Additional information about Meta can be found at meta.com.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Buddobot Red Team Village 2023-07-28 | Additional information about Buddobot can be found at buddobot.com.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Bishop Fox Red Team Village 2023-07-17 | Additional information about Bishop Fox can be found at:https://www.bishopfox.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC31 - Red Team Village - Optiv Red Team Village 2023-07-17 | Additional information about Optiv can be found at optiv.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
RTV Badge Preview - 2023 Red Team Village 2023-07-09 | Pick yours up now! https://redteamvillage.square.site/
Spinning up the RTV Ship Red Team Village 2023-04-13 | We are building up the things to bring you up to speed with the latest in Red Team Village activities and DEFCON 31. See you in the network.
DC30 - Red Team Village - Recap Red Team Village 2022-08-28 | Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - Ngrok Red Team Village 2022-08-18 | Additional information can be found at ngrok.com.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - Hackerwares Red Team Village 2022-08-08 | Additional information can be found at hackerware.io. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - SEKTOR7 Red Team Village 2022-08-08 | Additional information can be found at sektor7.net.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - Offensive Security Red Team Village 2022-08-02 | Additional information can be found at www.offensive-security.com.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - BC Security Red Team Village 2022-07-30 | Additional information can be found at www.bc-security.org.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - Nahamsec Red Team Village 2022-07-29 | Additional information can be found at nahamsec.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC30 - Red Team Village - Optiv Red Team Village 2022-07-29 | Additional information about Optiv can be found at optiv.com. Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
The Power of Social Engineering by Mishaal Khan Red Team Village 2021-09-19 | Speaker: Mishaal KhanOften times we hit a wall in our pentesting engagements. Sometimes all you need to do is ask! I'll go over a few real life scenarios where a bit of social engineering compromised an entire organization, made the difference between a successful and failed spear phishing campaign and how this super power is used to control a difficult situation, steer the outcome and get what you want. Recon, OSINT, planing, framing, ethical hacking, and reading expressions and body language all are components of this super power.The Red Team Village track at Hacktivitycon2021Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Writing Better Vulnerability Reports - Nikhil Srivastava Red Team Village 2021-09-19 | Speaker: Nikhil SrivastavaThis Talk will covers all about how to write better vulnerability reports ranges from title, description, impact, CVSS, steps to reproduce and recommended fix to help individuals doing triage to quickly assess the reports.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
PEzoNG: Advanced Packer For Automated Evasion - Dimitri Di Cristofaro - Giorgio Bernardinetti Red Team Village 2021-09-19 | Title: PEzoNG: Advanced Packer For Automated Evasion On WindowsSpeakers: Dimitri Di Cristofaro and Giorgio BernardinettiA fully undetectable (FUD) executable is a highly coveted goal in cybersecurity field, especially in the case of Red Teams. In this talk we present the design and implementation of PEzoNG, a framework for automatic creation of FUD binaries in a Windows environment. PEzoNG features a custom loader for Windows binaries, polymorphic obfuscation, a payload decryption process and a number of anti-sandbox and anti-analysis evasion mechanisms - in particular we present a novel userland unhooking technique. In addition, the custom loader supports a large amount of Windows executable files, and features stealth and bleeding-edge memory allocation schemes. Finally we show the effectiveness of PEzoNG over a number of commercial anti-malware solutions. PEzoNG was born from the idea of PEzor (github.com/phra/PEzor), an open-source PE packer. At the time of writing PEzoNG is a completely different project from PEzor, though they still share a part of the name and the building environment, made up of LLVM and clang.PEzoNG is a project written in C and C++ and uses the Mingw-w64 development environment together with the LLVM toolchain in order to compile and link. PEzoNG source code is made up of three main components: - the malicious payload, e.g. Cobalt Strike Raw Shellcode, Mimikatz, SharpHound, etc.- the evasion code, which allows to evade from AV Sandboxes and EDRs- the main loader, which loads the malicious payload into memory and executes it. PEzoNG is built with modularity in mind and allows to add new features in a simple way by adding new modules that could implement different techniques with a low grained detail.The project is organized in the following macro-categories - or modules:- Encryption- Windows APIs- Syscalls- Evasion- PE loader- Shellcode injectionRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Pentest Collaboration Framework - Ilya Shaposhnikov Red Team Village 2021-09-19 | Title: Pentest Collaboration FrameworkSpeaker: Shaposhnikov IlyaPentest Collaboration Framework. It's analogue of such utilities as Dradis and Faraday, but it is open source( free), portable (sqlite3) and cross-platform (python v3.9). The main task of the utility is to create a workspace for penetration testers/red teams to join all information about projects: hosts, hostnames, ports, notes, chats, issues, networks and more! Moreover you can export this information as: word, raw txt or defined variables only with user-defined templates.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Exploitation with Reverse Shell and Infection with PowerShell using VBS Red Team Village 2021-09-19 | Title: Exploitation with Reverse Shell and Infection with PowerShell using VBSSpeaker: Filipi PIresThe purpose of this presentation, it was to execute several efficiency and detection tests in our lab environment protected with an endpoint solution, provided by CrowdStrike, this presentation brings the result of the defensive security analysis with an offensive mindset using reverse shell techniques to gain the access inside the victim's machine and after that performing a Malware in VBS to infected the victim machine through use some scripts in PowerShell to call this malware, in our environment bypassing some components and engines, such as: Malware Protection - Associated IOC (Command entered in script), Suspicious Processes, File System Access, Suspicious Processes, Suspicious Scripts and Commands, Intelligence-Sourced Threats, among others..The purpose of this presentation, it was to execute several efficiency and detection tests in our lab environment protected with an endpoint solution, provided by CrowdStrike, this presentation brings the result of the defensive security analysis with an offensive mindset using reverse shell techniques to gain the access inside the victim's machine and after that performing a Malware in VBS to infected the victim machine through use some scripts in PowerShell to call this malware, in our environment bypassing some components and engines, such as: Malware Protection - Associated IOC (Command entered in script), Suspicious Processes, File System Access, Suspicious Processes, Suspicious Scripts and Commands, Intelligence-Sourced Threats, among others..Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
SSH Tunnels: Creating Reverse Proxies and Evading Network Detection - Cory Wolff Red Team Village 2021-09-19 | Title: SSH Tunnels: Creating Reverse Proxies and Evading Network DetectionSpeaker: Cory WolffSSH tunneling is a valuable component of the red teamer's toolkit when used correctly - but that's the hard part. Demystifying reverse port forwards, local port forwards, and dynamic port forwards can be a challenge for any operator.This talk will begin with the basics of SSH tunneling and then focus on ways to utilize them to create reverse proxies and evade network monitoring during an engagement. It aims to provide clarity on the use of these different port forwards and provide examples on how to use them in an offensive security scenario.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Evolve from Bug Bounties to Red Teams - Julian Dunning Red Team Village 2021-09-19 | Evolve from Bug Bounties to Red TeamsSpeaker: Julian DunningDoing bug bounties are a great way to get security experience looking for broad security issues at a company, but there's so much more unexplored attack surface after finding that first bug. This talk will explore how to advance your bug bounty knowledge into a full "red team" engagement. Chain your bugs together in clever way and exploit one bug for another. Learn about various red team experiences and tactics from someone who has done end to end engagements at many companies.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Breaking Into The Industry With No Experience - Nate Curry Red Team Village 2021-09-19 | Title: Breaking Into The Industry With No ExperienceSpeaker: Nate CurryThis talk will help guide the students on what they need to have accomplished when attempting to get a job as a pentester. I'll be discussing things that will help set them apart and help demystify what a lot of companies are looking for when interviewing them. I'll do my best to present this information in a fun and entertaining way as well.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
Continuously Deliver a Secure Docker App to Orchestrators - Rachana Vishwanathula Red Team Village 2021-09-19 | Title: Securing container images & leverage Kubernetes native CI/CD pipelines in the DevOps world!!Speaker: Rachana Vishwanathula Enterprises are moving to a “shift-left” culture with security seamlessly embedded throughout the development life cycle. Enterprises are ‘shifting-left’ and incorporating security into every stage of the development life cycle of a project/product. Some of the best practices to ensure security in container images are to: • use DCT (Docker Content Trust), • perform VA (Vulnerability Advisor) Scan on Images, • securely signing an image and enforcing a policy that ensures an image can’t be deployed until the signatures are found and validated. Is there a way to automate these tasks? Yes, by setting up a CI/CD pipeline that in-turn manages these tasks every time a new change is made to the image. This talk focuses on how to continuously integrate and deliver a secure signed Docker app to Kubernetes service. Docker Content Trust provides strong cryptographic guarantees over what code and what versions of software are run in your infrastructure. Docker Content Trust integrates The Update Framework (TUF) into Docker by using Notary, an open-source tool that provides trust over any content. And this can beautifully be leveraged in CI/CD pipelines along with Key Management software. When a publisher who is using Docker Content Trust pushes an image to a remote registry, Docker Engine locally signs the image with the publisher’s private key. When a user pulls this image, Docker Engine uses the publisher’s public key to verify that the image is exactly what the publisher created. It also ensures that the image wasn’t tampered with and that it is up to date. VA (Vulnerability Advisor) Scan on Images is an assessment on docker images which identifies if there are any OS Vulnerabilities(unpatched libraries and OS components, vulnerable kernel versions), Application Weaknesses(SQL Injection, XSS and Buffer Overloading), Configuration vulnerabilities(nonsecure OS settings, such as passwords or logins as well as network configuration, including allow root). This can be done with opensource tools like OpenSCAP and there are enterprise flavours which does the same functionality. This talk demonstrates how to perform this on docker images in CI/CD pipelines before they are deployed. Container Image Security Enforcement (CISE) retrieves information about image content trust and vulnerabilities. This step is to securely sign an image and enforce a policy that ensures an image can’t be deployed until the signatures are found and validated. This can be achieved through Image Signing."Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
1) Attack Surface for Android Apps | 2) Map and Conquer Application Security Over the Cloud Red Team Village 2021-09-19 | * First talk: Attack Surface for Android Apps Speaker: Akshansh Jaiswal* Second talk: 1:00:05 Map and Conquer Application Security Over the Cloud Speaker: Pankaj MouriyaRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
CodeQL as an Audit Oracle (workshop) by Alvaro Muñoz during HacktivityCon 2021 Red Team Village 2021-09-19 | CodeQL as an Audit Oracle (workshop)Speaker: Alvaro MuñozGitHub for the workshop: github.com/github/codeql-dubbo-workshopRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
PwnMachine by YesWeHack at the Red Team Village Red Team Village 2021-09-17 | PwnMachine by YesWeHackGitHub repository: github.com/yeswehack/pwn-machinePwnMachine is a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters.Red Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DEF CON 29 RTV CTF Recap and Upcoming Events Red Team Village 2021-08-18 | DEF CON 29 RTV CTF Recap and Upcoming Events
The future of Artificial Intelligence, Machine Learning, and Offensive Security Red Team Village 2021-08-09 | A panel discussion in collaboration with the DEF CON AI Village.Speakers: Bruce Schneier, Anita Nikolich (University of Illinois), Chris Cottrell (NVIDIA), Rich Harang (DUO), Ram Shankar (Microsoft), and Omar Santos (Cisco). AI Village Website: aivillage.orgRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DEF CON 29 Red Team Village CTF: Day 3 Red Team Village 2021-08-08 | DEF CON 29 Red Team Village CTF: Day 3CTF finals are now Live! IMPORTANT: All communication during DEF CON 29 will take place at the DEF CON Discord Server at discord.gg/defcon
Custom Mechanical Keyboard Build - Red Team Village Red Team Village 2021-08-08 | Custom Mechanical Keyboard Build - Red Team Village
DEF CON 29 Red Team Village CTF: Day 2 Red Team Village 2021-08-07 | DEF CON 29 Red Team Village CTF: Day 2Schedule: redteamvillage.io/scheduleIMPORTANT: All communication during DEF CON 29 will take place at the DEF CON Discord Server at discord.gg/defcon
DEF CON 29 Red Team Village CTF: Day 1 Red Team Village 2021-08-07 | DEF CON 29 Red Team Village CTF: Day 1Schedule: redteamvillage.io/scheduleIMPORTANT: All communication during DEF CON 29 will take place at the DEF CON Discord Server at discord.gg/defcon
DC29 Red Team Village CTF Stream Schedule - DAY 1 Red Team Village 2021-08-05 | DEF CON 29 Red Team Village CTF Stream ScheduleRed Team Village Website: redteamvillage.ioTwitter: redteamvillage.io/twitter
DC29 - Red Team Village CTF Sponsor - Hack the Box Red Team Village 2021-07-30 | DC29 - Red Team Village CTF Sponsor - Hack the BoxHack the Box Website: https://www.hackthebox.euRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
DC29 - Red Team Village CTF Sponsor - Optiv Red Team Village 2021-07-29 | Thank you Optiv for sponsoring the RTV CTF during DEF CON 29.Optiv's website: optiv.comRed Team Village Website: redteamvillage.ioDiscord: redteamvillage.io/discordTwitter: redteamvillage.io/twitter
A discussion about the DEF CON 29 Red Team Village CyberWraith Red Team Village 2021-07-29 | Connecting Cyber Pros to Cyber Roles using CyberWraith, the first cyber gaming universe that leads to a real-world job!FIRST PRIZE $1,000.00!!!More information at: redteamvillage.io/cyberwraith
