--[ Villages

----[ Arduino Escape Room

$ getent passwd eplumley
├─ name: Evan Grant Plumley
└── org: 780th MI BDE

I have constructed and Arduino based escape room experience that consists of three puzzles/riddles that can be solved by interacting with multiple types of sensors and actuators. I want to hold an open competition to see who can solve the escape room in the shortest time.

----[ Cyber Threat Intelligence on the Deep and Dark Web

$ getent passwd abritt
├─ name: Allen Britt
└── org: Bluestone Analytics

The websites you visit every day represent just a small fraction of the whole Internet. Beyond this “surface web” is the Deep Web, and within the Deep Web is the Dark Web. The presentation will show examples of indications and warnings of APT campaigns and a wide range of nefarious activities on the Deep Web and Dark Web, including malware trafficking, credentials dumps, hackers for hire, and cyberattacks-as-a-service ecosystems that outmaneuver security defenses.

During a live demonstration, analysts will provide rare insights into threat actors on chans and forums and will explain the basics of dark nets, their associated technologies, and defining characteristics. The presenters will also guide participants through examples of APT campaign indications and warnings The session will wrap with highlights on the value of building a data repository and staying agile within this complex environment by leveraging collection and exploitation capabilities that continuously evolve.

Published data on the Deep Web and Dark Web is invaluable; unfortunately, it is often overlooked due to a lack of tradecraft for persistent collection or expertise in accessing it safely and securely. For many agencies and organizations, it means missed opportunities to detect and predict cyberattacks from intelligence that simply can't be found anywhere else.

----[ Lockpicking Village

$ getent passwd
├─ names:
│  ├─── Flay
│  └─ MacGnG
└── org: TOOOL

Want to learn how to pick locks? TOOOL is back for our fifth year and running a hybrid village (virtual and in-person tutorials) all day. The lockpicking village aims to give attendees a real-world understanding of physical security through instruction in lockpicking and physical systems, and get attendees picking as soon as possible. We intend to provide as much hands-on support as possible over both the physical and virtual events, so bring your picks (and webcams) if you have them as we'll be doing 1-on-1 training.

The format is hybrid. There will be talks and scheduled training blocks on top of in-person instruction. Pay attention to the lockpicking-hangouts channel in the Avengercon Discord for the most up to date schedule.

Topics covered will be:

  • Lockpicking101: Flay
  • Government Locks Show and Tell: MacGnG
  • Hybrid Hangout and 1on1's: Everyone

----[ Polarity Triage Tournament

$ getent passwd bbuckwalter
├─── name: Brenna Buckwalter
├──── org: Polarity
└─ social:
   ├─ linkedin: linkedin
   └── twitter: @PolarityIO

The competition is a series of short head-to-head sprints rather than a marathon. Fastest correct answer submission for each sprint wins. Simple questions will test how fast you can triage micro datasets. For example, you might need to pick out the three vulnerabilities that are remotely exploitable from a list of 10 CVEs, find the benign IP in a list of known C&C servers, or decode the powershell payload from a base64 string. Each challenge lasts seconds or minutes and when all else fails, can usually be solved with some web searching. The grand prize samurai sword trophy goes to the competitor who answered all sprints correctly in the shortest amount of time.

All skill levels are welcome, your StarCraft micro or ShmooCon ticket purchasing skills will help, but you may also want to bring some of your favorite free security tools such as Google Search, CyberChef, and Polarity Community Edition. Scripting/programming/machine learning skills will not be necessary but we won’t stop you if you want to use them.

----[ RAID Operator Worthiness Challenge

$ getent passwd scollins
├─ name: Stan Collins
└── org: S3, 780th MI BDE (Cyber)

Initial challenge will be to solve a simple hacking challenge allowing participants to lift "Mjolnir" the hammer of Thor. After lifting the challenge, if participants are interested they will be directed to the RAID Worthiness booth to participate in a CTF styled challenge that will test their ability to think outside of the box, problem solving capabilities, and approach to non-traditional challenges.

----[ Red Team Techniques and Technology

$ getent passwd jwilliams
├─ name: James D. Williams
└── org: Millennium Corporation

The Millennium Red Team village will provide an interactive environment where aspiring or current Red Team operators can dive into a realistic Red Team operation. The environment leverages our Battlegrounds training range, where operators get dropped into a gamified, Red Team scenario. The scenario simulates a realistic enterprise environment and allows operators to practice with common Red Team techniques and toolsets, including CobaltStrike, as they conduct a cradle to grave Red Team operation. As an added challenge, the scenario has been wrapped into a Capture the Flag event, so operators can work through a variety of technical challenges while staying on top of the leaderboard.

----[ RF Village and CTF

$ getent passwd rshmel
├─ name: Richard Shmel
└── org: Army Cyber Institute

If you have ever been curious about the invisible world of RF, but had no idea where to begin, then this village is for you! Participants can stop by RF Village to get hands-on access to Software Defined Radios during AvengerCon. Each workstation will have a short tutorial to introduce attendees to the equipment used to transmit and receive RF signals, and then opens up the floor to participate in the RF CTF and try your hand at breaking real world signals.

For those of you who already have experience with RF topics, the RF CTF will be running all day. Bring your own SDR, or hop on an open workstation, and see how many challenges you can solve!