├── Labmanual_RedELK-workshop_x33fcon_HackinParis_2023.pdf
├── RedELK-workshop_mod1-intro-and-background.pdf
├── RedELK-workshop_mod2-redelksetup.pdf
├── RedELK-workshop_mod3-operationaloversight.pdf
├── RedELK-workshop_mod4-redelkconfiguration.pdf
├── RedELK-workshop_mod5-detectingblue.pdf
├── RedELK-workshop_mod6-advancedtopics.pdf
└── preparations.md

--------------------------------------------------------------------------------
/Labmanual_RedELK-workshop_x33fcon_HackinParis_2023.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/Labmanual_RedELK-workshop_x33fcon_HackinParis_2023.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod1-intro-and-background.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod1-intro-and-background.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod2-redelksetup.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod2-redelksetup.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod3-operationaloversight.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod3-operationaloversight.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod4-redelkconfiguration.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod4-redelkconfiguration.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod5-detectingblue.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod5-detectingblue.pdf

--------------------------------------------------------------------------------
/RedELK-workshop_mod6-advancedtopics.pdf:
https://raw.githubusercontent.com/outflanknl/RedELK-workshop/826a014c3970bc570d81a0d571e5d379989bde7e/RedELK-workshop_mod6-advancedtopics.pdf

--------------------------------------------------------------------------------
/preparations.md:

## Preparations for the RedELK workshop ##

To get the most out of the RedELK workshop we recommend bringing the following:
- A government-issued ID containing your full name. We need this so we can verify your name before we can give you access to a lab with Export Controlled goods, namely Outflank's OST Stage 1 C2 and Cobalt Strike.
- Laptop with a Chromium-based browser. You use this to connect to your lab environment. Chromium-based browsers work best with the Guacamole setup of the lab.
- Pre-generated API keys so you can test with RedELK's online hash check capability. One is OK, but more is better:
  - VirusTotal, more info at https://support.virustotal.com/hc/en-us/articles/115002088769-Please-give-me-an-API-key
  - IBM X-Force, more info at https://www.ibm.com/docs/en/qns/5.4.0?topic=integration-obtaining-api-key-password
  - Hybrid Analysis, more info at https://www.hybrid-analysis.com/docs/api/v2
- Optional: an email address and connection settings that you can use for receiving alarms via email.

--------------------------------------------------------------------------------