Eiffel65 is a place of learning. Many are accustomed to exploits of red teaming, but it’s much more common to be involved in defending a network than hacking it. Come explore the layers of the defensive security. From the inner core of incident response, where analysts and engineers pull apart the scene of the attack. To supporting roles of threat hunting, discovering what tooling doesn’t catch, and forensics that digs to ground zero. And finally, threat intelligence which informs the whole apparatus to make better decisions with context from real-world hacker activity.

At Eiffel65 we will give you hands-on opportunities to explore what it means to be on the blue side. You’ll gather more information on indicators using OSINT. You’ll investigate datasets on a device and in OpenSearch. You’ll poke at phishing emails and malware. And you might even dive into the depths of forensics artifacts. Here are some things we’ve prepared for you:

• Threat Intelligence
  • Understanding current events
  • Understanding threat reports
  • Determining if indicators are malicious using OSINT
  • Creating MITRE ATT&CK maps
• Threat Hunting
  • Malware sandbox submissions
  • Log anomaly detection
  • Dumping logs to OpenSearch
  • Investigating logs in OpenSearch
• Incident Response
  • Zeek security monitoring
  • PCAP analysis
  • Collecting intrusion evidence
  • Phishing email analysis
• Forensics
  • Exploring forensics artifacts
  • Registry and forensic image analysis

Eiffel65 has something new for novices and experts to learn (or teach). Come test your steel and sharpen your skills. Leave with something to make you better at your day job.

FAQ

Does your community have a minibadge? If so, how can I get it?

Yes! We have a Blue Team Community minibadge. You can get it by participating in our community. 

What kind of things can I do in the community?

There are multiple exercises you can participate in. Do as few or as many as you want. Each should take about 5 minutes. They range from learning more about an indicator to capturing logs to looking at forensics artifacts.

What skill level is needed to participate in the community?

There is something available to people of all skill levels. There will be something from entry level to mid-advanced exercises.

What tools do I need to participate?

You don’t need anything to participate in the community. We will have multiple workstations at the community to run through the various exercises provided.

Where do I go if I have questions?

You can find and contact the community staff on Discord or in person – b^n. Likewise, you can join our Discord Channel – #blue-team