Need community input

Morning folks.

I know its been a while since ive posted here, life has been crazy, and my company just agreed on a takeover of another blue team company, so I’ve been dealing with all that fun legal stuff.

Id like the communities input on something. I’ve been speaking to my Microsoft rep for the last week or so, and they have agreed to supply me (and in turn) us with some licenses for (Microsoft Server 2008, windows 7, 8, and 10)

The licenses are corporate ones which I can install on as many systems as id like, could/would they be of any service to 0x00Sec for exploit development, or malware, or whatever?

16 Likes

Hi @anon3236228,

Sounds good ! For financial reason, we could imagine something like a monthly subscription where subscribers could deploy a VM with the desired OS ? It will be easier to test malware, exploit, etc … without interfering with other users.

1 Like

13 Likes

I’d say being able to set up our own, members-only lab environment would be incredible, and push the community to another level.

It would facilitate more(and different) CTF events, teach people about Windows(Linux is drastically over represented), etc.

3 Likes

Would love to solve Windows CTFs. And would also love to learn more about it from the experts.

For Pentesting, a lot of corporate networks are going to be using Windows Server at some point in their stack. Usually a domain controller or even just a samba file share. Thus, my post-exploitation skill in the windows environment is woefully subpar when compared with Linux.

I think a live CTF on Twitch or something, with a live box everybody can access during the stream, would be super cool. We could have VPN where it simulates being on the network with a Windows Server and a few clients. A full network CTF would really step up the game, and would be way more involved than just “hit this server”.

2 Likes

needs moar IIS

This topic was automatically closed after 30 days. New replies are no longer allowed.