SANS New NetWars Core Version 9

SANS Institute · Beginner ·🔐 Cybersecurity ·3y ago

Key Takeaways

The SANS NetWars Core Version 9 is a cybersecurity training and testing platform that provides a fun and accessible way for students to practice their skills, with a storyline that guides players through challenges and a scoring system that tracks progress.

Full Transcript

foreign [Music] hi my name is Chris elgy I work for counter hack challenges and we build cyber ranges for the Sans Institute we build things like the Sands holiday hack Challenge and core networks tournament and I'm going to walk you through a bit of core networks tournament 9 today I am the head architect of that project and I'm excited that people can can start to play it now it took us quite a while to build and and has a bit of everything so you see I've just logged into the ranges.io platform with my Sans identity so because I have a Sans account I have a ranges account and then I can go into this game and I'm playing maybe because I'm at a large Sans event and there's net wars in the evening so I opted to play and and I'm brought into this this world so so we see here some young teens headed toward what looks like a spooky government laboratory in the woods they might be involved in in things with monsters or or uh or extra strange human powers here but uh their storyline is what brings us through these challenges I think I think the storyline helps helps bring people through the uh the cyber security uh you know technical things they're gonna have to do through through the game so so here as as players click in and see see challenges they can they can hit links here that bring them to a different assets like this Linux virtual machine this is a Linux terminal right in the browser nothing to download no special software to have on the player's computer and you can see I've been I've been punching through some simple challenges here where it has me uh just look at some files add a line to a file and then it any point here I've been able to type hint to see what else I need to do so here it's telling me to change directory into the forest so I took a hint and now I know I can just CD forest and then it says great now we need to look through the contents of the directory carefully uh for hidden looks like I need to find hidden files and if I type hint again it'll tell me what what I should be looking for so here I know I need to ls-a to see all the things and then I have a flag I have net Wars pitfall and again up atop net worth Pitfall so this is when I would leave that VM and go back to the ranges platform and put in the flag and get some points now on the topic of points we do have a running scoreboard here where I can see how many challenges I've solved how many points I've earned I can see my hit right here so I've gotten everything right that I've attempted and I can see I've taken two hints out of a possible 212 hints Tom is beating me on points uh Tom waffles pancakes and toast but there's still time for me to catch up now at a live event we'll also have a big scoreboard up on a projector so everyone can see for for most players it's about enjoying the game having fun maybe working as a team but some do like to compete and win coins so of course we do have to have points and a scoreboard so back to the game if I look at my challenges uh we have like I mentioned earlier we have some cyber threat intelligence uh pieces that are that are that are strung throughout the game that help players not understand just what to do in a given situation but also understand why things are going on so understanding what an uh what an attacker is trying to do to them and why some of these threat Intel questions sort of bring them along that storyline we also have in here some windows challenges and I've solved this one but I'll go to the next one where it's asking me to look at the contents of a file now along with some of these Linux terminals we have we also have a a full windows environment this is a full Windows Virtual Machine up in the cloud built just for my player and I know I need to go into the documents folder and it's asking me for the contents of the only file in here so if I type right side up.txt then it gives me these four words nothing out of the ordinary so I can copy those to my clipboard come back to ranges IO and then paste them in and sure enough I get some points so great catching up on Tom now as I go to the next challenge it's asking me about something in an environment variable if I have no idea what that is again we've got hints here so I can click hint and it says oh maybe try this this command here in a Powershell prompt and I can do that and I can progress through now before we uh before we finish up here I do want to show one more challenge that now you'll see a lot of these are locked out uh we we don't put most of the harder challenges uh in an available State until players have gotten so far because it can be uh can be a bit intimidating right but I did unlock this specific one here where this is a web application penetration testing challenge where we see we've got this adorable character that is trying to collect some dice of those d6s and d20s in another environment so if I click in I'm brought to this web application where I can steer around and I can try to light my torch by clicking on one of these torches and there we go the room is lit and as I go through the the challenges get more and more difficult but again I've got hints here from some of the other characters like nine and Bill and they can help me through so one last thing is that at the end of the event based on how we've performed the the ranges platform will send me a report card and it basically says hey there were this many forensics challenges and you got through you know three of the six and you got through you know eight of the 20 penetration testing challenges and it gives me some feeling of uh maybe what I want to work on next uh in terms of my cyber security Journey do I want to look more at some defense classes or or maybe management or cyber threat Intel so uh that report card will come to me in about a couple of days well that's all we have for right now thanks so much and please feel free to reach out if you have any questions about net Wars thanks

Original Description

Training and testing your skills are now more fun than ever! SANS NetWars Core Version 9 is super accessible and broadly applicable. Students from #SEC301: Introduction to Cyber Security, to #SEC760: Advanced Exploit Development for Penetration Testers can get through challenges with hints (or not!) and earn points. Story Behind SANS NetWars Version 9: A group of young friends are facing terrible danger, possibly associates with the local Hackins National Laboratory. You can help! Help defend our heroes—find out who’s behind all this and maybe even strike back. ➡️ Learn more about SANS NetWars Core Version 9: https://www.sans.org/u/1rjA #SANSInstitute #SANSNetWars #CyberRanges #Cybersecurity
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from SANS Institute · SANS Institute · 0 of 60

← Previous Next →
1 SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS Institute
2 SANS Institute Cybersecurity Training Customer Stories
SANS Institute Cybersecurity Training Customer Stories
SANS Institute
3 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
4 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
5 CISSP® Prep Exam, MGT414, by SANS Institute
CISSP® Prep Exam, MGT414, by SANS Institute
SANS Institute
6 SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute
7 Information Security Training from SANS Institute - Student Testimonials
Information Security Training from SANS Institute - Student Testimonials
SANS Institute
8 SANS NetWars
SANS NetWars
SANS Institute
9 SANS DFIR NetWars
SANS DFIR NetWars
SANS Institute
10 Hack The Drone - SANS Cyber Academy UK
Hack The Drone - SANS Cyber Academy UK
SANS Institute
11 SANS VetSuccess Immersion Academy
SANS VetSuccess Immersion Academy
SANS Institute
12 SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Institute
13 The 2015 SANS Holiday Hack Challenge
The 2015 SANS Holiday Hack Challenge
SANS Institute
14 SANS VetSuccess Academy: Hands-on Skills
SANS VetSuccess Academy: Hands-on Skills
SANS Institute
15 SANS VetSuccess Academy Overview
SANS VetSuccess Academy Overview
SANS Institute
16 SANS ICS Security Summit & Training 2017
SANS ICS Security Summit & Training 2017
SANS Institute
17 Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
SANS Institute
18 WannaCry recap, patches, and analysis
WannaCry recap, patches, and analysis
SANS Institute
19 If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
SANS Institute
20 Graduation Day - SANS HM Gov Cyber Retraining Academy
Graduation Day - SANS HM Gov Cyber Retraining Academy
SANS Institute
21 Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
SANS Institute
22 SANS Data Breach Summit & Training 2017
SANS Data Breach Summit & Training 2017
SANS Institute
23 SANS Secure DevOps Summit & Training 2017
SANS Secure DevOps Summit & Training 2017
SANS Institute
24 How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
SANS Institute
25 SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Institute
26 SANS Cybersecurity Programs for the Department of Defense
SANS Cybersecurity Programs for the Department of Defense
SANS Institute
27 SANS Pen Test HackFest Summit & Training 2017
SANS Pen Test HackFest Summit & Training 2017
SANS Institute
28 SANS SIEM & Tactical Analytics Summit & Training
SANS SIEM & Tactical Analytics Summit & Training
SANS Institute
29 If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
SANS Institute
30 SANS Institute
SANS Institute
SANS Institute
31 ICS515: ICS Active Defense and Incident Response
ICS515: ICS Active Defense and Incident Response
SANS Institute
32 SANS Institute
SANS Institute
SANS Institute
33 Introducing the NEW SANS Pen Test Poster
Introducing the NEW SANS Pen Test Poster
SANS Institute
34 SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute
35 SANS ICS Security Training, Munich, Germany
SANS ICS Security Training, Munich, Germany
SANS Institute
36 SANS Automotive Summit Webcast
SANS Automotive Summit Webcast
SANS Institute
37 Privesc Playground - SANS Pen Test HackFest Summit 2017
Privesc Playground - SANS Pen Test HackFest Summit 2017
SANS Institute
38 Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
SANS Institute
39 Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
SANS Institute
40 SANS Security Operations Summit & Training 2018
SANS Security Operations Summit & Training 2018
SANS Institute
41 Sh*t Happens!  (But You Still Need to Drink the Water) – SANS ICS Summit 2018
Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018
SANS Institute
42 ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
SANS Institute
43 You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
SANS Institute
44 A Sneak Peak at the New ICS410
A Sneak Peak at the New ICS410
SANS Institute
45 Jumping Air Gaps – SANS ICS Summit 2018
Jumping Air Gaps – SANS ICS Summit 2018
SANS Institute
46 Introduction to Linux
Introduction to Linux
SANS Institute
47 Introduction to Malware Analysis
Introduction to Malware Analysis
SANS Institute
48 You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
SANS Institute
49 Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
SANS Institute
50 Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
SANS Institute
51 Apples and Oranges?:  A CompariSIEM – SANS Security Operations Summit 2018
Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018
SANS Institute
52 SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Institute
53 SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Institute
54 The Science of Security: The Psychological Impacts of Security Awareness Programs
The Science of Security: The Psychological Impacts of Security Awareness Programs
SANS Institute
55 How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
SANS Institute
56 Practical Advice for Submitting to Speak at a Cybersecurity Conference
Practical Advice for Submitting to Speak at a Cybersecurity Conference
SANS Institute
57 SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Institute
58 SANS Webcast - Zero Trust Architecture
SANS Webcast - Zero Trust Architecture
SANS Institute
59 SANS STX Cyber Range
SANS STX Cyber Range
SANS Institute
60 Part 1 – SANS Institute and Tenable talk about cloud security
Part 1 – SANS Institute and Tenable talk about cloud security
SANS Institute

The SANS NetWars Core Version 9 provides a comprehensive cybersecurity training platform that guides players through challenges and tracks progress, with a focus on threat intelligence, penetration testing, and web application security.

Key Takeaways
  1. Log in to the ranges.io platform
  2. Access the Linux terminal or Windows Virtual Machine
  3. Complete challenges and earn points
  4. Use hints to progress through challenges
  5. Analyze system vulnerabilities and conduct penetration testing
💡 The SANS NetWars Core Version 9 provides a unique and engaging way to learn cybersecurity skills, with a focus on practical application and real-world scenarios.

Related Reads

📰
Best Cyber Security Diploma Course After 12th With Certification
Learn about the best cyber security diploma courses after 12th with certification for a career with excellent growth opportunities
Medium · AI
📰
Best Cyber Security Diploma Course After 12th With Certification
Learn about the best cyber security diploma courses with certification after 12th grade and kickstart a career with excellent growth opportunities
Medium · Cybersecurity
📰
You migrated to post-quantum crypto. Is the implementation actually conformant?
Ensure post-quantum crypto implementation conformity with FIPS standards using Quantakrypto's sieve tool
Medium · Cybersecurity
📰
Active Directory Enumeration & Password Spraying: A Hands-On Guide
Learn hands-on techniques for Active Directory enumeration and password spraying to enhance your internal penetration testing skills in Microsoft Windows environments
Medium · Cybersecurity
Up next
What is DevSecOps Explained with Examples
VLR Software Training
Watch →