 All right, welcome back everybody and with me I have Wes and Emma directly from the Defconn floor, so welcome Hey, how's it going? Can you hear us now? I can hear you now. Awesome. Thanks for being with us Yeah, definitely live from the floor here like going on still a lot of excitement for a Sunday night or Sunday day, right, but How are things going with you Omar? Doing well doing well is a busy day, but But doing perfect and the biggest biggest thing we got about an hour left of our finals We have one team that Very are I think either 100 or 200 points shy things a hundred points. I have closing it out of getting everything So that's pretty epic And then we got a few other teams that are you know kind of jockeying for a second and third there So we'll see See what happens over the next hour We had a lot of movement on the qualifiers right great towards the end last couple hours So we're really pumped to kind of see what what comes with that But one of the big things that kind of makes this CTF happen Kind of makes it all possible is hack the box So we have Emma here with hack the box and because of them I'll tell you Hack the box has been a partner for probably two and a half three years now Doing a lot of essentially like epic prize donations for us every single event tons of pro labs VIP labs Academy cubes stickers t-shirts Everything like it is amazing what we're able to give away and I would say you're one of our longest one of the longest kind of sponsors that we've had and All of our CTF players know that you know they come play and just the the sure amount of swag and prizes and everything that they give out that there's a good chance they're gonna get it and that's one of the biggest things you know kind of with the hack the box community is able to Give out prizes to everyone so you don't have to come in first second third, right? We do surveys we do giveaways Twitter, you know in Defconn. We had a few kind of pop-up Giveaways every now and then so just had to run down here within 10 minutes or whatever to get something You know people that are just being awesome in like discord helping other people out We're able to kind of give them Academy cubes all sorts of things so you want to talk a little bit about Maybe some of the things that you guys offer. Yeah, for sure We love to give out prizes to tons of different events so we can help encourage the Learning of everyone everything from Academy Cube, which is our latest big product where we have started to move into the more educational courses We also have our pro lab offerings Which is great for everyone who is brand new to experience where it's full networks where you can practice later skills And we also have smaller machines and individual challenges Which you can give a set of 20 active machines where everyone connects a set for free at any point and then we have our retired machines which are Free with write-ups, but you can access the latest two or you can pay a monthly subscription and get your own private instance and everything Which is great for learning and just learning everything So no definitely, you know, I would say like there's a lot of overlap in some of our styles, right? So like in our qualifiers, we have a lot of standalone boxes that are very similar So kind of what are you talking about it? Yeah, the active machines or as well as retired machines Individual kind of standalone. So we have those and those are like amazing a lot of overlap there But then we also have for our finals like the in-depth scenarios, which is kind of like Dante's lab. I can't remember. What are the other pro labs you have right now? Offshore cybernetics Resta and APT labs. Awesome. Awesome. So same thing our finals is just like that where you can actually you know VPN in You know whether it's fishing a lot of same techniques things like that that you kind of see but just different scenarios Super in-depth super amazing. I had a chance to play one or two of those pro labs All I'll say I got stuck much twice Wasted probably a week on one one particular box. I know there's definitely different You know, we have a 24-hour kind of time limit for our CTF here But yeah, I was being my head against one of the boxes just trying to land a Covenant payload learned a lot about like Windows Defender and evasion all that other stuff Which you know may or may not have been important in our CTF finals We learned a lot about you know evasion with Defender in this one a lot of the teams kind of leveled up quickly So with that a lot of overlap between the two And that's why I think like we're a good fit that we kind of offer a similar product Where you know we do this a couple times throughout the year a lot of fun But hack the box is able to kind of offer that you know on demand anytime you want Yeah, like you can always access our stuff, which is great for practicing for these like shorter time-limited events a lot of the stuff overlaps And it's whenever you want after work during school You can practice learn and get ready for these bigger events and train and we ourselves So it's like a few of those big events every year where we love to give out tons of prizes is for everyone You know, you don't have to place great. You just got to participate and we love to give out tons of those stuff Yeah, I think Emma just hit it on the head of like we have that same kind of community feel All right, we want everyone to come out learn something We don't want you to get you know frustrated. It's easy just to say like try harder, right? But we want you to learn and we will definitely walk you through right unless you're a top three team Then we're not gonna help you but Outside of that we want you to learn want you to have fun We want you to level up, you know come back out again And definitely get you know all sorts of swag whether it's the the cubes the shirts the stickers all that good stuff So and the one other piece that I love, you know, we love coming out here and doing it free And we couldn't do that without sponsors like hack the box But the biggest thing though as far as like value right your your return on investment for Training I think hack the box has that right so whether it's the cubes or just the experience right like you can start off for free No price on the 20 active machines But then just for a rather small amount you can actually get you know The vip lab or the pro labs, you know, they're pretty cost effective You can do the academy cubes if there's particular topics you want so Yeah, we also have a good few academy modules for free where you can just give a shot try it out You start off with I think 40 cubes and once you complete one of the Modules you get a certain amount of cubes back for the free ones you get 10 back So at 40, so it's free And no matter what you always get something back We also have offerings for the business side. So if you want to train your whole team You can reach out to us for that. So that's a good way No, it definitely that that's happy. There's definitely a lot that you can do there I've been a part of companies that you know have done some of the private servers things like that It's really great team building experience kind of bring your whole team together do it together You kind of level up your workforce skills. So Huge shout out again to hack the box I can't thank you enough Token of our appreciation. We got we got a coin and a t-shirt for you A few other things, but I know it pales in comparison to what hack the box gives us Multiple times throughout the year. So we love to sponsor as many events as we can get out with the community and make sure everyone Learn something even if you don't get root as long as you get a good learning experience out of it That's what matters So thank you so much Emma for coming out and spend some time with us Uh, Omar, you got anything for Emma? Oh, you're muted Sorry I didn't want to interrupt your conversation on a double meter myself. So uh, no once again I echo what west mentioned. Thank you so much for all the support not only this year But throughout the years you have been amazing not only to the direct in village But the whole community as a whole so um anything that you want to highlight from the from the Scoreboard here Oh, okay. I see I've seen a little bit of movement. I think kind of between the uh fourth and fifth teams They look tied now. So and not that far off from a third place So we I think we can definitely see some movement. They got about 50 ish minutes left. So Uh, I don't know. I don't I think we have first place pretty much locked in but uh, I think second and third is still up for grabs so Also get in there submit the flags. Um Huge shout out to our team doing support kind of back end They've been amazing on the CE red team discord def con discord channel So definitely hit up any of our folks out there if you have any issues or anything like that Again, like thank you to all our volunteers that came out here as well as all the players that came out We couldn't you know over 2,000 players that we had in the qualifiers, you know, something like 22,000 flags submitted It was just epic the amount of participation that we had and the number of people that came up to the booth as well As people playing virtually in discord. We loved it. Uh, and then now with our final team We even had one or two final teams Come by the booth. So that was that was awesome kind of meet them in person So a huge shout out to them and then uh, definitely looking forward to sending out some swag to the top three Awesome. And as a matter of fact, you just touching something real quick One of the questions that we're getting all the time is hey, what what are we expecting from the top three? And what are what are the prices? Oh We got a little bit of everything. Uh, we definitely have a number of courses to include Some of the hack the box whether it's the vip Can be cubes for other things to hand out And I know definitely some of the some of the first place teams have quite a few people on them So we got that as well as various courses from sector seven Offensive security. So there's a lot out there that we haven't, you know, totally given away. So definitely a big swag Thing but the biggest thing that we're going to do is we have a giveaway or not giveaway But uh, we're going to give them some coins. We are custom coins From I think you've seen them in some of our twitter's But either way the red team village in particular for this year that the dunder muffin Uh scenario or theme so huge out they'll get a couple of those As well as some virtual prizes. So Since all the international ones, you know, it's kind of hard to do all the international shipping But they're going to get some some good virtual swag as well as, you know, a few physical gifts there is to make it worthwhile. So Very very cool. Thank you Two things You mentioned yesterday that Anybody can actually create their own walkthrough video and then tweet the red team village ctf and the ctf Um, you know, we're advertising that down below Anything else that you want to expand on on that? Oh, yes. So I know we get a lot of the questions of uh, you know, we're we're a little bit different Than like hackbox. We don't release kind of walkthroughs and a whole lot of stuff I know with their academy cubes. They have a lot of that training to release everything Uh, but even though we don't publicly release kind of walkthroughs for our challenges We may down the road. Uh, we're thinking about it. But what we do encourage though We want everyone who does them to do a write-up. We love seeing those I love for me personally like if I make a challenge I love seeing someone else's mindset like what they thought of it, right? I want to I want to know good and bad Right. Did you like it? Did you hate it? Was this frustrating? But was it frustrated in a good way or a bad way? so we love seeing them and Uh, if you tweet with red team village or the author of the challenge That's listed in all the challenges or myself or uh, pony ip We will go ahead and blast that out, right? So, you know, if you uh, low key looking for, you know, some some traffic to your site Whatever, uh, get, you know, they're all closed or get hub pages Just do a walkthrough shoot it to us and then well, we'll blast it out because we love reading them And then we love just, you know, push them out there for other people because we get those questions Is a lot definitely after an event We shoot them out to some of the other people when they call and they hey, I got this question about this challenge I don't know how to do it and be like well this other player they did a write up for it. Here you go Check it out. So please do write ups tag us in it and we'll you know, we'll retweet Uh and like it so Awesome, and I'm just Trying to type superfast in here, but I put a banner down below with your twitter handle So, uh west is not researcher and also pony ip. So if you tag them both Uh, please do so and then the last Announcement you what you just mentioned, you know, please join the conversation at the defcon official server And I have the link in the bottom of the screen as long as well as the channel So with that, thank you again. Emma so much for your time and your help So one last one last thing. How can we get a hold of you? Uh, you can reach me on twitter at 0x e m m a Uh, shoot me an email because I'm talking about anything. I'm a hack the box dot e Is there great ways perfect perfect? So definitely any you know questions for emma or the hack the box team reach out Emma's community manager. So definitely loves hearing from people. So please, you know, reach out hit them up Hit them up on twitter any kind of thing like that. So it's great stuff there. So Again, thank you so much to hack the box. Thank you so much to our players Hope you have fun still about 45 minutes if you want to stop by the booth last 45 minutes That's great. If not, we'll see most of everyone at closing ceremonies for just the announcement of the winners, but 45 minutes, please, you know, keep on speed of those flags. Have fun Thank you. Thanks knock who's there this guy? What's up red teamers? What's up defcon? It's your favorite fake brilliant billionaire investor My little birdies cheap cheap cheap cheap cheap cheap cheap cheap cheap. I like cheap things. That's why I'm rich They let me know that lunar fire is under fire, but that is a tres comas company And that's got so much smart shit in it And so it's unhackable or is it? No, it isn't Not even you boy and girl geniuses can do it You would have to be the human equivalents of cars with doors that open like this or like this. Are you? Can you will you don't help from the red team village and today We are here with Omar Santos from the red team village as well as our guest ipsec from hack the box Hey guys, what's going on? Oh Uh ipsec hack the box has been a long time supporter of the village. Can you tell me more about the company? Yeah, um hack the box is a hands-on security training platform And our main goal is to make good training readily available to anyone in the world If you're new to a topic or just the field in general We have hack the box academy and it's a guided learning experience Which just means we have written material in hands-on labs and again when building this Accessibility was our number one desire. So we created the pound box which allows you to have a Whole operating system in your browser. So the machine you're doing these learning on doesn't even have to be powerful You can do it on like a chromebook if for some reason you want to do it on a phone you can I wouldn't recommend that But everything's done within a web browser if you want to bring your own os We also provide a vpn pack for you so you can join your os to the vpn and go on learning In addition to the academy, we have unguided learning, which is what we're most famous for This is the weekly challenges machines or entire like networks We put out on the platform and that we ask people not to publicly talk about these challenges until they retire Which is typically 20 weeks This is my favorite and what I credit most of my success to because it really enforces building good social relationships That not only help get you the help when you need it But also when teaching it often validates your understanding of it And it's proven to help memory retention So I have a lot of friends from my in my social network that include barry I met him through another friend who met him at derby con which is a similar event of red team village And the funny thing is both my other friend kyle and barry all lived within like 30 miles of each other But we met like hundreds of miles away. So definitely like Important to go view and travel and experience the community because you'll never know who you find and how close people may be It's a small world Absolutely, I think we've all been cooped up these last few months here I think a lot of people are excited to go in person to las vegas to attend death con And so we're really excited to see some of our old friends and make some new ones Um speaking of of that community, you know hackbox is a very vibrant community both on their discord as well as all over twitter Can you tell me a little bit more about the people behind hack the box? Maybe some projects that you might be working on Yeah, we have a innovation team that's designed at like pushing what we think is the limit So typically most of our stuff is either a docker or a vm or image And the innovation team is looking into google cloud aws and azure To provide a pro lab called black sky which is just based upon those types of features So if you want to exploit iam or do a lot of those unique cloud things black sky lab is going to be that We also have as you said the discord community We have road runner who runs that and they help provide a lot of good support and just learning to anyone In addition to a bunch of ctfs. I think we run the ctf like every other month or something. It's insane Well Talking about the ctf and talking about all the activities, you know throughout the years you guys have supported the retin village Tremendously. So first of all, thank you and thank you. Hack the box So one of I got a couple of questions, right? So one of the questions is, you know, what will you say that is the best part about sponsoring Community efforts like the retin village ctf this year I mean, obviously it helps the community grow and most of my like Relationships I can credit almost all my professional success as to leaching off my friend's knowledge because no one can know everything And I can't speak for anyone to hack the box But I know a bunch of my friends at hack the box are super excited to play a ctf built by other people And we've played the red team village cts for quite a while I vaguely remember one. I think two years ago that involved exploiting a printer, which was new to all of us We're all like big binary exploit people and then through a different architecture at us that we never really Experimented with and it was just a lot of fun to play so super excited to Sponsored an event that we can participate in and learn new things to hopefully put out on our platform in the future Thank you. Appreciate that. I think that you're hitting my next question. Which is why do you think sponsoring the The red team village this year is so important for the community Yeah, um number one it's important to like With covet and all we want to increase the socialization and everything we've been all cooped up And the red team village incorporates all of hack the boxes things. The main thing was being accessible If you can't travel you can do it online and form a team And additionally if you want it's available for the high cost of zero dollars Which it lines with kind of our methodology and what we want All our machines are available for free for a time and then once they retire Then you have to pay a small fee to gain access to it because hosting 150 images permanently would just be expensive can't do that for free Additionally, I believe infosec is a unique profession where team building activities have immeasurable impact If you look at the non-infosec teams, they still do team building activities like you have that gimmicky trust fall and escape room etc And they're doing them just to help build that social bond between co-workers So you know, it's valuable since that's the only thing they care about in the infosec world We have cts that is just like that on steroids. It has all that same social bonding benefits. Like I mentioned earlier I play cts with barry. I've played cts with oxtf. Mr. Ben John Hammond a bunch of people I just have a lot of fun with playing these cts along with co-workers And in addition to that social bond that you build It also gives you a lot of techniques that you may be able to immediately provide your work value because you're Joining hands with a bunch of other companies to learn things It wouldn't surprise me if you do the ctf and then find something you can immediately turn around to do on your job I remember doing almost any pro lab I'll use offshore as an example where the frithold involves exploiting splunk And I had a pen test that I kept missing this vector on because I just didn't know it and mr. Ben put it in that pro lab So when I did that it was just like an eye-opening thing of oh god, what have I been missing? So definitely the big social aspect is huge here Awesome, and and I couldn't agree more and and once again, you know, thank you I have one more last question when it's around the benefits that your team actually will receive By participating at the you know that kind of red team village ctf this year Yeah, um hack the box and red team village are almost anonymous and what we provide and are methodologies So the only unfortunate thing is the red team village ctf is a yearly thing Well, hack the box produces new things on a weekly basis It's probably not to the scale that red team village will be doing just because it's constant But if you're itching to do more after doing the ctf definitely check out the platform if you haven't And go over to hack the box because I'm sure you'll love the challenges we put on the site Awesome. So once again, thank you so much for supporting us. Thank you hack the box You know for sponsoring the red team village and I hope to see you at defcon. Yeah, take care I I'm bair darnel with the red team village and I'm here today with ryan dory and matt eidelberg from octave Everybody and uh, thank you so much for being here today and I want to uh, Thank octave for being a sponsor for the red team village ctf this year Your support really helps uh, and it goes a long way at uh, allowing us to provide a big event both in person and virtually Can you tell me a little bit more about octave? Yeah, absolutely. So to put it very simply octave is a pure play cyber security partner and what does that mean? We aim to do security all security all the time, right? We can help in ways of advisory deployment and even manage operations, right? So ultimately our our goal is very simply to Help organize the organizations realize a more effective security program and posture And uh for for both of you specifically what what do you do at octave? So I am a senior director inside of threat management, which is a large umbrella But I specifically have the privilege of leading our attack and pen team Um, so my focus is on the direction of success of that team and I achieve this largely by enabling the great folks around me Such as uh, mr. I over here Attack and pen my primary role is leading the adversarial simulation services. This is our Branch that focuses primarily on red and purple team operations My role in there is not only executing these types of engagements We're also focusing on helping to innovate the team and grow more operators to perform these types of engagements All right, and uh and for the for that attack and pen practice. Uh, why do you like working there? Yeah, so for me first and foremost, uh, it's it's the close family atmosphere that we have on the team And what I mean by that is I've been on the team for almost nine years now I've been in attack and pen the entire time and I'm not alone in that There's several other individuals on the team that that have been here for a single amount of time such a such as matt himself So what that yield is a really good dynamic of folks to work well together while we Simultaneously, you know pursue our passion of offensive security And just to add on to that I would say in a single word the community The team itself Honestly strives constantly to push the boundaries to teach each other new things whether or not it's a you know failures From previous engagements to help educate for future Kind of tests or even success stories. It's all about sharing and kind of bolstering each other through knowledge sharing Absolutely, and you know and a plug for that that giving back to the community aspect You know I was on your github the other day and uh, I was looking at the scarecrow And I know I've got that on my list to do a deep dive on after after def con You know love love the fact that uh, you know a lot of big players in information security Share that research share that tooling that they create Yep, that's what we strive to do here And for your team, um, you know, what types of people work there? Well, what are their backgrounds? So it's a good variety of backgrounds, right? So we have folks uh some from being a good part of us being veterans To business minded folks to engineering folks, etc, right? Uh, but like I mentioned earlier, there there's the ultimate commonality, right of a shared objective of offensive and passion for offensive security testing And then what we qualify that success really is is helping leave our clients better than we found them at the end of the day And of course, you know folks have a very specific Or can't have a specific subset of interest inside the team That could be of iot to embedded to wireless to low-level windows stuff to evasion Etc, right? So there's definitely some some sub pockets for people to really go a mile deep on Great and with such a diverse group, uh, what makes somebody a success in amp? So aside from a technical acumen, which obviously is held, you know, it's an important quality on this specific role, right? Is the ability to show ownership and leadership and give back to the team? Really, you know owning a specific service or an offering Helping others mentoring, etc. We hold that in incredibly high value um, and then as we mentioned earlier with regard to Like source zero and scarecrow, right is the the public thought leadership to help the team immediately and then also give back to the community as well Yep, and just to add on to that. I would say the eagerness to learn and improve your tradecraft Um, honestly the ones we see that excel the most are the ones that not only focus on themselves But also make sure that they help their fellow teammates or co-workers whether or not they're struggling with something or helping to help them Also pursue and grow their talents. Those are the ones that I see often have the biggest success here That's great. Uh, absolutely. I mean this is this is a team sport doing what we do Yep For the for the red team village one thing that we we really love to do is is offer a lot of Environments for training. We do workshops. We we've we uh participate in a lot of different cons Um, and one thing, you know, we want to do is bring as many people into this community as possible And so I'd like to ask for both of you, you know, what is your advice for people who are interested in cyber security as a profession? Yeah, absolutely. So I mean I'll speak to you know the path that I took to get here And I think it holds true to the to the question, right? But I think it's very important and imperative for folks to have a a deep foundational understanding to as to how Things work, right? So what I mean by that is how does active directory work? How does networking function? How can you manipulate these things to maybe Work outside the bounds it was intended to right so that can apply to even development web applications, etc Um, oftentimes I get asked by people that are a bit younger and stay in college or whatever and they're like Hey, should I take this security class and become a pen tester? Well, I would really encourage folks to get a lot of those more foundational understandings to how things work Before they move to the stage of trying to you know, move to the adversarial emulation types part Yep, and I would just add to not just focus when you're learning on red team tactics It's incredibly valuable in the current landscape to Focus on both blue and red team Having that ability to speak both can really augment your skill set and you know This is very much a cat and mouse game based industry and just knowing both sides their playbooks Can really help you understand the strengths and weaknesses of both sides So when you're coming up against say a red team or a blue team You know what they are great at and what their weaknesses are to really help plan out those attacks or even your knowledge set to improve on Those that is phenomenal advice This industry is is a challenge because there's so much breath and depth that you can take Not to mention that it's evolving every single day. It's impossible to keep up So you've got to have that thirst for knowledge and and without that foundation. It is quite difficult I mean you might throw that exploit and get that get that shell back But then the question is what do you do next? Right? And so Great advice. I want to thank both of you for being here today Thank you again for the sponsorship looking forward to to meeting you in person And and also with with DEF CON right around the corner You know looking to to engage with old friends and and make some new ones. So so thank you again Absolutely. Thank you for the opportunity and we're looking forward to seeing some folks out at DEF CON Knock who's there this guy? What's up red teamers? What's up DEF CON? It's your favorite fake brilliant billionaire investor My little birdies cheap cheap cheap cheap cheap cheap cheap cheap cheap. I like cheap things. That's why I'm rich They let me know that lunar fire is under fire, but that is a tres comas company And that's got so much smart shit in it And so it's unhackable or is it? No, it isn't Not even you boy and girl geniuses can do it You would have to be the human equivalents of cars with doors that open like this or like this Are you Can you will you don't? Close your eyes Feel the energy Hey, can you hear me all more with the stream? Can't hear no Oh walmar. I can't hear you but uh, hopefully you can hear us. Maybe give us thumbs up if you can hear us But we are you can hear you. I can hear you now. Perfect. Thank you. So we are definitely live from the floor so I'm here west also go my knob researcher get austin here with me Definitely one of our ctf builders uh system dome on the on the tweeters So either way we got about two minutes left here looking at this scoreboard There's a lot of movement a lot of you know kind of back and forth Well first place though has been pretty pretty rock solid staying in first there But we did we get any last minute movement between Yes, son of anton jumped up a bit I called the two boxes. Oh, so son of anton had a big jump They were they were tied for like fourth and fifth there fourth and fifth for a little bit So we saw a little bit last movement. So we got Approximately one minute left here then we are going to close down the scoreboard or pause the scoreboard So with that, uh I think it's uh, I don't know what any kind of commentary what you saw on the scoreboards movement I just I'm just I can't say that enough like I'm just extremely impressed with like uh, all the team Like a lot of most of the teams were able to get into the into the network Uh, I know windows defender was kind of giving uh giving out some beatings, but uh Now they ended up they didn't get in I've seen a lot of like innovation Um, I mean obviously ai generated an ept or just absolutely killing it Um, a lot of like really elite folks there. I'm just super impressed I'm really glad that someone was able to to get through all the boxes And get all the way to the last box and get the last flag. I know Are one of our challenge designers who wrote that last, uh, Poneble Um, he spent a lot of time and effort and he was explaining to me how it works And you know, I probably wouldn't have got that in a million years. So, uh, god bless Whatever for a reverser had to kind of go through that, but um, you know, what what a champ That's all I gotta say that that's incredible. So it is it is official. Uh, We uh, you know, we'll be closing the scoreboard here in a moment But it is official. It is 12 o'clock Local time here. So with that the competition is over. So huge shout out to ai generated They not only came in first place, but they got every single flag We I will tell you last night We were kind of having this whole debate and you know, kind of leading up to everything of You know, is a team going to be able to kind of close this out and really Check off every box on the board and ai generated came through and did that So super huge shout out to them Very impressive work. I had a little skill involved is just absolutely like mind boggling, especially in such a short time frame Like I know it took us just walking through it with the answers It took us quite a long time to kind of get through and I know there were some hiccups on the infrastructure side a little bit Um, and some of the understanding on some of the callbacks and whatnot But I'm really glad to see that they just absolutely like swept it out and also a huge shout out to ebt And then the hack street boys Great name by the way So don't forget. Uh, definitely at closing ceremonies. Uh, hack street boys will be put on a short performance. Uh, they'll be They'll be dancing across the stage there for a little bit. Uh, so definitely come on out and see them I don't know what song they're gonna pick, but it should be pretty epic But with that, yeah, definitely ebt and hack street boys like the level of talent I would say like as we were going through in qa in this, you know, you're talking about the people who made this Going through in qa and the the challenges Making sure, you know, things worked as as expected We took a long time to kind of go through this scenario multiple times over and over again and We thought we, you know, we're getting faster each time, but we still we still never did it in 24 hours And you know, yeah, it's it's one thing to kind of go through knowing the answers But then, uh, you know, when you try to design some of these puzzles and some of these challenges To be solvable and you're not sure if you give them the right hints or whatnot And we were kind of discussing amongst ourselves like we're not sure if anybody's going to get through even to the second network Um, and just you know with a scenario right of the supply side attack and kind of like uh Subverting that code base to then get execution in the second network And we had quite a few teams actually get into the second network, which I was impressed with and kind of writing that that back door Um, you know, just really impressed and uh and kind of like a true testament to you know It's a red team village ctf great red teamers Um, hopefully, you know, the teams had fun Learned a lot. I at least hope I know I did and then uh as well Just, you know, hopefully this came close to at least somewhat of a realistic network or something You might see in a red team engagement And hopefully you found it was more related to current events and kind of some of the the the novel like apt techniques That we've seen from this year, um, especially on the threat intel side and uh kind of reflected In the two networks, so so definitely, uh, I'll be honest. I think we lied to you all We said there's going to be no a pentest report required at the end of this, but You know look at the teams like the talent that you had You know, if you haven't had any like walkthroughs or any, you know, the particular boxes or anything you want to share You know, uh, we definitely love to see those write-ups, you know, make sure to you know If you write up anything put it out there Whether it's you know on your blog or get up pages or whatever it is, right? We'd love to see it. So definitely tweet it out to you know red team village dm any of our folks either Pony IP myself not research or system dumb And then we'll definitely throw that out there As well as retweet and all that we love reading those right so whether it's qualifiers rounds or the actual finals That's it's pretty amazing. Just kind of dig in and out You know kind of get a glimpse of that mindset that you had as you're going through the problem Uh, just be able to see you know, what what you thought on solving this challenge And then we also, you know, we designed a lot of this with like a specific flow in mind of like Hey, we expect them to go this way and you know, sometimes we're like, oh Well, you know, they can use like these three different tools to accomplish that or they can go this way or maybe that way Uh, I love just seeing when someone does, you know, something totally creative something I'm not familiar with and I was like, man, I didn't even think about doing it that way So I love seeing that. Uh, so please, you know, definitely, uh, if you if you're feeling froggy and you want to um You know, write up that pentest report, uh, please just uh, you know, tweet it out to us So then we could, you know, share it with the community and kind of let everyone know Kind of get a glimpse into, uh, you know, what it was like doing the finals So we'd love to hear from any of the teams that are out there and what their experiences were Yeah, via feedback and then also, um, you know, if you if you see the handles on some of the Challenge designers from falls a lot of those people also worked on the finals too You know shout out to, you know, like Waldo and and and Mike and, uh, you know, Conehead as well People who are helping kind of like interface with with you all and answer questions Bob Dole All those folks rub pain So definitely, uh, if you think about all the the targets that you interacted with right There's a whole another school of support targets behind that So with that like so many boxes per network, right and each team had their own instance So we're talking about 20 instances for the top team Definitely aws loves us. We spent a pretty penny with them But with that, you know, it takes a lot to kind of create that as well as support it, right? So huge shout out to our support team kind of running, you know Sporadically kind of throughout the night. We tried, you know, I know we weren't going to have, you know coverage all night long But for part of the night, we're able to kind of get some of that coverage as well as in this morning Kind of help the teams long as they made it through the network So huge shout out again to AI generated I'm looking forward to some feedback from you all as seen as you made it all the way through We were a little worried with that binary exploitation at the end. So Yeah, uh, so so impressed with, you know, the kind of skills And I will tell you that uh Our land hb designed that final, uh, exploit at the end there And I think you would love some of your feedback and just kind of what you thought about that Uh, because we were we were geeking out about it last night. So yeah, we want to know. Um, but yeah, again big shout out to ept Uh, and then uh, yeah, I generated obviously and then haxtree boys and then also some of the other teams We had the yee-haws out here, uh, physically present with us. So thanks for hanging out Um as well, like, you know, like I said, I'm looking at the points I've seen like most of the teams got into the network Um and got to kind of play around with it So and then obviously thanks to the sponsors and stuff for covering the cost that that it takes to uh To host, you know, you know, 20, uh active directory environments, uh, you know in the in the cloud. So yeah, thanks to them Awesome. No, I definitely loved it. Uh, and uh already starting to get poked up. Uh, I will say uh, my My discord is a bit unwieldy right now way too messages pending for me. So Uh, bear with me. I'll try to respond to some of you guys. I think snow scans just hit me up So super stoked. Uh, I'll try to talk to you all later Once we hop on this and then but definitely closing ceremonies Uh, all the teams will be announced at closing ceremonies and then we will work with the captains of the teams So definitely please stay in contact with myself. Uh, via the the emails that you provided as well as the discord handles And we'll work out logistics, uh But just give us a little bit of time to kind of work out the logistics and get the, you know prizes and everything out to you all You know our sponsors need a little bit and uh, I'm sure just like you all I need to take a nap at some point. I'm I'm a I'm a bit tired here. But uh, again, thank you all so much and then, you know huge shout out to uh, omar Uh for kind of handling our streaming without omar Uh, I would be struggle busting right now trying to try to juggle all of this. So huge shout out omar Thank you so much for kind of coordinating a lot of this You know, uh, make it if possible so we can come to you live from the defcon floor and kind of sharing all this Thank you. Thank you. It's quite the opposite And um, I'm gonna take the opportunity to actually congratulate Some of the winners of the oscp courses that we were given away yesterday We promised that we were gonna announce it this morning and I failed to do that. So You can probably take your money back now But uh, the congratulations to good speed not just bob and susan b123 Actually pretty cool handles. So you're the winners of the oscp courses that we had yesterday um We're gonna announce more giveaways, you know throughout the course actually probably even after defcon We do have a couple of more prizes to actually give so be in the lookout To a few things, you know the discord server Definitely twitter And of course, we're gonna be announcing many many other things In the upcoming in the upcoming hours or so now the other thing is that our next event Is a hacker one activity con and Once again, you know, thank you. Naham sec. He's actually been instrumental Definitely on day one with all the The panels all the interviews, you know all the streaming. So thank you. Thank you again ben Or naham sec for all your collaboration on all your work here But we'll help to see you and hacker one activity con and the details about that con is in the bottom of the screen And the red team village will be there So with that, let's go in a quick break and then We're gonna be again announcing a whole bunch of other prizes a little bit later on Thanks a lot Omar. Take care. Thank you. Thank you. Knock knock. Who's there this guy? What's up red teamers? What's up defcon? It's your favorite fake brilliant billionaire investor My little birdies cheap cheap cheap cheap cheap cheap cheap cheap cheap. I like cheap things. That's why I'm rich They let me know that lunar fire is under fire, but that is a therese gomas company And that's got so much smart shit in it And so it's unhackable or is it? No, it isn't Not even you boy and girl geniuses can do it You would have to be the human equivalents of cars with doors that open like this or like this. Are you Can you will you don't All right, we're back life And once again, congratulations to ai generated Ept and hack street boys You were the winners of the ctf this year And one more time to announce the winners of the oscp courses Congratulations to good speed not just bob and susan b123 as I mentioned just a few minutes ago We will have a few additional prices. So stay tuned and definitely be in the lookout in twitter I'm gonna try to bring the defcon floor right now live to the stream. So bear with me just one second Hey, west. How you doing? Hey, how's it going? Yeah, so we're uh, you know, again, congratulations to all the teams, right? ai generated ept hack the street as well as you know, the entire top 20 that made it the finals, right? That is huge to kind of make it to finals So great, uh, you know showing I hope all the teams learned something, right? I think we all learned something about defender evasion As well as you know, I'm not some spearfishing as well as you kind of got further in the network, you know Defender was out there is catching a lot of different things whether it was the actual binaries or heuristics So definitely a lot of fun. And uh, definitely I saw a few teams learned a little bit about some ci cd there's I think uh, some some fun experiences, uh, some teams kind of, you know, deleted some services or overrode Broke some of the things, uh, but we're able to kind of restart a form get them going again like that So a lot of fun and excitement out there Uh, definitely for the teams, you know, to kind of do that supply side interdiction get in that ci cd pipeline Pop out into another network. Uh, and then from there just kind of pivot and uh and go So it was a huge huge experience. I definitely loved it Uh, I'm glad to hear you don't kind of feedback from some of the teams. Oh, yeah, but we're here at the Defcon floor We're just kind of wrapping up now take taking down the projectors things like that Uh, as we kind of clean up into the contest floor here, we'll make our way to closing ceremonies Uh, with that, you know, they'll make some announcements, uh for everything that's kind of going on Uh, for all of our top three teams in the finals But again, like we just want to thank all of our balls, uh, every single player that kind of came out Uh, a lot of points on the board a lot of flags mission So we definitely think everyone had a lot of fun And then with that, you know, our top teams were just, you know, showing that skill and then making it to the finals Yeah, a lot of great feedback too. Um, I know I've learned a quite a few things and we're going to go make it better for next time And uh, yeah, we really appreciate like all the the good vibes and uh, and constructive feedback and the very minimal hate Like obviously this community is like really great and amazing and I've loved like interacting with you all So if you uh, if you slide them idms at some point like we we interact or help you with a hint or something like that Yeah, I appreciate you guys all uh being so cool. So yeah, definitely and then uh, especially with uh, you know, the ctf next year A lot of lessons that you all learned. Uh, all I can say is that we're going to take it up another notch Uh, it'll be difficult. So again, we'll have another kind of red team Engagement right a little pentest engagement here. So, you know Kind of bring your a game kind of prep. I probably review some notes From what you did this time and uh, kind of be ready to take it up to that next level. So We uh, definitely looking forward uh, follow us kind of throughout the year You know activity con everything else Those will be a lot of our kind of more standard jeopardy style kind of board qualifiers rounds So kind of follow us throughout the year a lot of you know New challenges will be coming out and then definitely def con next year We'll have the full blown scenario at the end huge, you know huge environments all that great stuff All right Thanks again and as was just mentioned our next event is hacker ones activity con And uh with that I think that this is a close at least for this stream If you're on site, please go to the official Closing ceremony from def con and before I lose my voice as well Thanks again Absolutely