Sharing of information: it’s what separates the red teams from the blue teams, locally and regionally. The red teamers have blogs and meetings/gatherings (NOVAHackers) where they share ideas, teach each other and push each other forward. Blue teamers don’t do that. We don’t post anything, we keep our plans and tools secret, and when we don’t share that information, that knowledge is lost. Everything that you’ve learned and that you taught yourself dies with you unless you share it for the next season’s team. If you don’t share, next year’s team has to start from square 1, day 1. It is a never-ending cycle of red teams learning from each other and sharing year after year, and blue teams starting from square 1 year after year.
This blog will be focussed on tools and techniques for CCDC-based blue teaming. It is derived from my experiences in MACCDC 2014 & MACCDC 2015. Some information will be generic information and not based on CCDC at all. Other information could be applied to CCDC as a whole, and the rest will be my tirades specifically about MACCDC: the good, the bad and the ugly.
The intention here is to raise the bar for the red teams, and in turn it will raise the bar for each other, the blue teams, through sharing information, experiences, tools, scripts and tips.