It’s been a while since I posted. I’ve been finalizing my OSCP dump / purple team presentation for my team. I gave the presentation last week, and overall, thought it went well. We ran through 4 vulnerable machines, ran into a couple of snags, but were able to power through. I think I need to shorten the scope, but this was a dry run, so I’m glad I had some takeaways. I pitched the exercises as a process we could follow to validate our internal controls. I think for now, we’re going to use these as a training exercise for the team every month.
I’ll pick a new VulnHub box every month to exploit, install IDS tools on, and re-exploit to generate logs for the blue team. We’ll go through these logs and see what we can learn. I think it’s a great idea for any team to go through these exercises. You can work on offensive, defensive and the IR process during these exercises, so it’s a win-win for everyone on the team.
I’m going to finish all of my VulnHub articles, then start on some new ones! Next time I post, I hope to have a couple of new videos and articles on the site. We’ll see! 🙂