Project Ares

Operation Wounded Bear

This mission required me to identify and remove the malware responsible for identity theft and to protect the network from further infections.
My task was to use Snort IDS/IPS to prevent, detect, drop, and alert me to the malicious executables found in the network. I then removed the malware from the first device that was infected, then removed it from all other infected devices. Finally, I ensured that the network was safe and no longer infected.

Wounded Bear Corporate presentation

The requirements for the PowerPoint presentation were to:

1. Identify threats and vulnerabilities that I found in the financial bank network

2. What I did to mitigate the threat

3. What my recommendations would be for how to prevent a similar attack from happening again

4. An explanation of how the mission objectives were completed

Operation Goatherd

In this mission a group of hackers has utilized a botnet network to perform a widespread financial scam. They have triggered a collapse at the fictitious Maravian National Bank.

My mission is to scan the hackers' C&C, identify vulnerable services, perform a brute-force attack to obtain credentials, and kill the webserver processes.

To accomplish this task I utilized nmap to map out the target server and find vulnerable services such as SSH and VNC. I then used Hydra to attack the C&C server, once through an open SSH port and a second time using an open VNC port. To kill the C&C processes affecting the bank, I searched for and killed the httpd services.

Operation Goatherd PowerPoint Presentation

The requirements for the PowerPoint presentation were to:

1. Identify threats and vulnerabilities that I found in the financial bank network

2. What I did to mitigate the threat

3. What my recommendations would be for how to prevent a similar attack from happening again

4. An explanation of how the mission objectives were completed

Operation Crimson Wolf

Mission overview: The need to stop ransomware attacks

In Operation Crimson Wolf we must stop ransomware from spreading and infecting other systems on the network. The ransomware was introduced to the organization through a phishing attack.

This is designed to be a group mission. As a group we must determine which team members will complete which mission objectives and tasks, and which team member will schedule the group mission in Project Ares. To complete this mission as a team we needed to accomplish 4 tasks.

1. Communicate on a regular basis to plan for your mission.

2. Use a collaboration tool such as Discord or Zoom for voice teleconferencing to conduct virtual team meetings.

3. Create a meeting and mission schedule that works for all members of the team.

4. Attend group meetings and missions as scheduled.

Operation Crimson Wolf PowerPoint Presentation

The requirements for the PowerPoint presentation were to:

1. Work as a team to complete this mission

2. Identify threats and vulnerabilities that I found in the financial bank network

3. What we did to mitigate the threat

4. What our recommendations would be for how to prevent a similar attack from happening again

5. Include an explanation of how the mission objectives were completed

Operation Ocean View

Mission overview: The need to protect a supervisory control and data acquisition (SCADA) system. This mission did not require a PowerPoint presentation.

In Operation Crimson Wolf we conduct an incident response mission for an organization's infrastructure that includes the organization's SCADA systems.

This is our first group mission. As a group we must determine which team members will complete which mission objectives and tasks, and which team member will schedule the group mission in Project Ares.

Operation Bear Treat

Mission overview: Access an arms dealer's personal system on thor.com.

In this operation we work as a team to retrieve account numbers that are linked to a terrorist organization as quietly and quickly as possible. The adversary's network will vary in what services and ports can be exploited. Services that can be exploited can include an FTP server, Drupal, or distccd.

Mission Objectives:

1. Find the target web server

2. Exploit a vulnerability

3. Gain administrative access

4. Gather credentials

5. Identify and access internal system

6. Retrieve bank account data

Operation Bear Treat PowerPoint Presentation

The requirements for the PowerPoint presentation were to:

1. Work as a team to complete this mission

2. Identify threats and vulnerabilities that I found in the financial bank network

3. What we did to mitigate the threat

4. What our recommendations would be for how to prevent a similar attack from happening again

5. Include an explanation of how the mission objectives were completed