01 January 2021

Many of us at FortyNorth Security became familiar with hacking concepts by participating in CTFs (online or in-person) or played with different challenge VMs that others have created. We love this!  Sooooo..... we came up with a challenge of our own.

After some discussion internally, while we all love working on challenges, we wanted to try something different. Rather than hack a problem, why not try to build something that could be useful to everyone? With that in mind, our "challenge" this year is to build something in any of the three categories outlined below for a chance to win a 50% off discount any single training course we are offering in February (Assume Breach Operations, Initial Access Operations, or Intrusion Operations).

So how does it work? We (@FortyNorthSec) love coding and contributing to the open source community through writing our own code or contributing to others, so we wanted to build this "challenge" around this same concept. We are looking for code to be contributed to FortyNorth Security's Winter2020-Challenge repository based on the following categories:

1. Best Maldoc Templates - Doesn't need to include the malicious macro(s) that might be used inside it, we're looking for interesting Word/Excel documents that look enticing!
2. EyeWitness Report Update - We've been using EyeWitness for quite a while, and we definitely know the report could/should look a bit more... appealing. So why not make a sample report template of what EyeWitness should generate (include a few sample screenshots, headers, the good stuff). We can code in the template into EyeWitness (unless you want bonus points doing that), we're just primarily interested in what an updated report would look like.
3. Your new favorite Aggressor or Beacon Object File - We're interested in seeing something new here that would be useful on a test via Aggressor or BOFs. This could include different lateral movement techniques, shellcode injection with PPID spooding and dll blocking enabled, etc. The world is your oyster -show is something cool and useful!
4. Is there something that would just be really cool and blow our minds but not within the above categories? Submit it anyway and if it does blow our mind, we'll count it!

When your submission is ready to go (to either one, or any of these categories), go ahead and make a pull request to the challenge repo on Github, place all of your challenge answers into a folder with your Github username (makes it easier to track) and submit it! We will get all the submissions merged in and announce the winners on Jan 15! There will be one winner for each category (3 winners unless a fourth category submission is submitted and accepted)! Each winner will get a 50% off coupon for their course of choice.

We're looking forward to seeing what you can build!