Jake Smith

icon indicating a website link https://metactf.com

icon company MetaCTF icon location I build things and hack things in order to secure all of the things.

Results 24 issues of Jake Smith

Roadmap discussion & chat about state of latest open-source defensive software

priority/high
difficulty/hard

Issue with debug output printing during process scanning in develop branch

type/bug
module/processes
priority/high
in progress
difficulty/hard
lang/c++
mode/other
platform/client

Create initial ServerSink in Client and Go/gRPC Server Component

1 comment

type/enhancement
priority/low
priority/high
in progress
difficulty/hard
module/logging
lang/c++
platform/client
platform/server
mode/scan
lang/go

Failed to subscribe error in monitor mode

1 comment

```cmd .\BLUESPAWN-client-x64.exe --monitor -a Cursory ____ ____ ____ ____ ____ ____ ____ ____ ____ ||B ||||L ||||U ||||E ||||S ||||P ||||A ||||W ||||N || ||__||||__||||__||||__||||__||||__||||__||||__||||__|| |/__\||/__\||/__\||/__\||/__\||/__\||/__\||/__\||/__\| [*][LOW] Monitoring the system...

type/bug
difficulty/hard
lang/c++
mode/monitor
platform/client

Create mitigation to install Sysmon if not installed already

1 comment

Need to draft a good default config too or decide to rely on another open source project like Olaf's awesome sysmon-modular

type/enhancement
priority/high
difficulty/hard
lang/c++
mode/mitigate
platform/client

Readd Cobaltstrike beacon config parsing

This was previously in the codebase but the actual calls to see if a cobalt strike beacon was active seem to have been removed

type/bug
module/processes
priority/low
difficulty/easy
lang/c++
platform/client
mode/scan

Address failing Atomic Red Team Tests

[copied from Discord] T1562.004 - https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1562.004/T1562.004.md --> our hunt looks for some registry configurations in the fw that an attacker could use. our hunt is not yet robust enough to...

priority/high
difficulty/hard
lang/c++
mode/hunt
platform/client

Research possible integration of FireEye's capa into scan mode

type/enhancement
priority/low
difficulty/easy
lang/c++
mode/scan

Add logging for when Reactions take place

type/enhancement
priority/high
difficulty/easy
module/logging
lang/c++
mode/other

Create Authenticated Wiki Info Shown to Teams

After a team logs into the scoreboard, it should be very obvious where they can see a black team provided set of information that contains key network / ip info,...

web
feature_request