THS|OS RTLE (Red-Team-Labs Edition) Beta 2 is scheduled to be released sometime today. The main focus of this Custom Linux Distro is to have major tools installed from github so that there are no longer update issues from repositories which are either out of date or not managed properly. If we can pull tools straight from the source rather than pulling it from a repo then I am all for it. What makes this OS different is that everything is up and running for the user as soon as the machine boots. Metasploit, Armitage, and the Veil Evasion framework are ready to rock out of the box!! We have kept the tools as minimal as possible but at the same time, keeping in mind and reacting to feedback we have received. Keep in mind that this Beta release is not final and that there are things that may be out of place. We have awesome tools that wont be found in any other pentest OS!!
What are you doing May 9th - May 11th 2014? If you are anywhere near the east coast then you should register for the conference!
I will be there along with other Top-Hat-Sec members. If you were never able to make a DefCon event because it was too far away then here is your chance to go to an awesome conference. It is a 3 day event with plenty of speakers, training & CTF!!!
We hit off the CTF on April 5th, 2014 @ 9AM PST. On this day we had a total of 5 players. On April 6th @ 11AM PST we had another 7 players and a couple of no shows. A total of 12 players which is awesome. As I had mentioned before, we were very unsure how the network would handle itself and turns out the network was flawless. We are confident that the next CTF should have a cap of 30 people maximum. If all goes well with 30 people then we may cap it at 50! Time will tell.
Only THS Members were allowed to play in this CTF. One reason is, it could have been a total failure! It was a success and I know that the players had a blast.
What you are looking up at ^^^^ were the machine names and the point values of the flags. Everything in green is a captured flag, all but one flag was captured, which that last flag was to crack a password hash that was probably not contained in any dictionary, so job well done guys! The machines consisted of:
A total of 7 machines on 4 different subnets. Pivoting would have been much needed! Anyways, thank you all for having the balls to play. Its nothing but beneficial and I guarantee it's a learning experience for all that play.
Special thanks to:
(co-admin) Yashar Alinejad. We spent at least 60 hours setting up and configuring this CTF.
(beta-tester) d4rkcat who spent the time to test the CTF machines before they went live.
"ths-recon" is simply a script that automates many tasks such as port and services scanning, banner grabbing, nameserver lookup, and other awesome methods that I like to use. It is easy to operate and the menu's guide you through self explanatory steps. I will probably be adding more to it as time goes along. It is currently fully functional and working great, just have to clean up some code and bugs as usual. I will keep you guys posted on new developments. This tool will be in the upcoming new THS|OS RTLE (Red Team Labs Edition)!
If you have any ideas or functionality that you would like to have, please let me know and I will see If I can make it happen!
Scott "R4v3N", co-founder and trainer for Top-Hat-Sec.