# My Experience at GCC 2024
## India at GCC!!
Global Cybersecurity Campaign (GCC) 2024 was a cybersecurity bootcamp from 19th February 2024 to 24th February 2024. The event consisted of 6 trainings which had topics from various fields of cybersecurity. India was participating for the very first time in GCC, and I feel proud and thankful to team bi0s and Vipin sir, our mentor, for giving me this opportunity to be a part of the GCC family.
## Trainings
#### Deep Dive into Active Directory Techniques
The very first training of GCC. The training got us started with the very basics of Active Directory. In the lab we learnt the basics of AD setup, followed by subsequent labs where we had to exploit services using the various vulnerabilities found in the wild relating to Active Directory.
The training has helped me get started with Active Directory exploration, and hopefully I will get into various exploitation techniques relating to the same.
#### Handling Threat Intelligence: Techniques for consuming and creating Threat Intelligence
The first talk of the day on 19th February started with this. It was a mixed feeling, as the talk was partly based on the forensic side of understanding various APT attacks and stuff. We learnt to write YARA rules, and now it makes sense why companies are so focused on writing these rules. We learnt how you can detect a potential attack from VPN logs and stuff. Altogether it was an interesting one, trying to understand how the data generated from an attack helps to develop detection systems to protect companies and industries.
#### Fuzzing in the kernel world
The second talk on Tuesday. Well, this was something my teammate Ren and I had been waiting for for a long time. The trainer was Lisa from Taiwan. Her talk was awesome and very detailed. She started from the basics of AFL-FUZZ to fuzz userland applications written in C, and gradually went into the depths of virtualization. The session covered topics in great depth and I learned a lot. My Linux security research will definitely build upon the same.
#### How (not) to build a vulnerable LLM web app
The speaker for this talk was Mr. Shota Shinogi from Japan. It was a very new topic for me, but his way of teaching and explanation made it very intriguing and interesting to learn about the domain of LLM security. It had various CTF challenges and we had quite a fun time playing with them to get the flags. We learnt how prompt injection works and how easy it is to use well-crafted prompt payloads to leak highly sensitive data of companies. Our final task was to create a vulnerable web application and write patches for the same. Altogether it was great learning from the session, and we now know the basics to create a simple LLM application for a CTF challenge.
#### Hunting with a Dinosaur
This session was based on DFIR. The labs were great and we learnt a very interesting tool called "Velociraptor". This tool is used to collect forensic artifacts from a compromised system. The labs also gave a good understanding of the query language used by the tool. The artifacts used by the tool also had detailed briefings regarding what they query for. All in all, my initial steps in the domain of DFIR were awesome and I learnt a lot from the session.
#### Hands on Car Hacking
Well, this was by far the best session I attended at GCC. Our trainer Mr. Kamel Ghali gave us an introduction to Bluetooth security and we got to play with a vulnerable Bluetooth server. It was designed as a CTF challenge and we were supposed to find flags from it. After playing and getting hands-on with Bluetooth security, we got a taste of car hacking. We played with CAN networks and learnt various CLI tools for the same. It was a great experience and we learnt some cool stuff. He told us about the book named "Hands on Car Hacking". We created a virtual CAN network and simulated various attacks. At the end of the session we had an open hacking session where we dealt with real-world car-related products and tried out the exploits and attacks we learnt from the session.
#### Practical Malware Analysis and .NET reversing based on real world cases
This was the last session of the cybersecurity camp. I have been into malware research now for approximately 6 ~ 7 months, so I kinda know the basics of it. However, this session proved to be of great help for me to understand the rise of .NET malware and the various tactics used in it. The labs in this session were also CTF-based. We worked our way around to retrieve config files and other stuff. Altogether, after the session I have become keenly interested in malware analysis, especially .NET malware.
## Groupwork
Now this was a surprise part for me. I was expecting some kind of presentation work at the end of the camp, but wasn't sure that we would be working in teams of 5 or 6 to make a project over a period of 5 days.
Regardless, the feeling of delving into a project and completing the same within 5 days was kinda both challenging and interesting. The groupwork went up a notch when we came to know that the top 2 teams would get a voucher for Offsec's Proving Grounds for 1 year.
Personally I feel that all the hype around a competition is all about the reward we get at the end. Same for this one.
Soon the time came when teams were assigned different topics. There were 4 topics:
1. OSINT Data Feed Analysis
2. CVE and Vulnerability Database
3. Maltego Plugin
4. CTF Challenge Making
Before I go into which topic our team was assigned, I would like to introduce our team members.
- Ren [MY]
- Kevin [IDN]
- Nong [TH]
- Josh [KO]
- Raj (me) [IN]
We had an awesome time together. A special fact: I am the one who was always late in the morning every day 😅; however, my team was very supportive and helped me get the briefing of whatever I missed in the class. Ren and I had a great time discussing CTFs (I mean, I am a reverser and he is a pwner); we understood each other's difficulties in CTFs and shared knowledge. Ren also helped me out in various labs and stuff throughout the event. He was also the one who always wanted a detailed plan to work from before we actually pushed for the actual task or started working. This helped us a lot as a team. Josh was the most studious one among us; I really liked his notes. It is also thanks to him that I was able to get a T-shirt from Horangi 😂. Josh also helped me with mint candies whenever I was falling asleep 🤣. Kevin kept our motivation levels high whenever we were about to hit a roadblock in the groupwork. I liked the candies he brought from Indonesia. A special thanks to him for getting a breakthrough in our groupwork. By the way, before I forget to mention, our team was assigned to do our groupwork on OSINT Data Feed Analysis. Though at the very start of the project none of us had a clue what we were supposed to work on, eventually on the third day of the project work we started seeing a ray of hope, and on the penultimate day of the conference we were able to pull through with our custom tool, which had the capability to try and find the location of a scammer based on some initial inputs. Nong helped us build a detailed understanding of the different tools out there and finally justify why we were using our custom tool for the project.
The night before our presentation we were awake till 3 and were able to integrate different toolsets and get our project up and running. Ren and I were working on the coding part, and Josh, Nong and Kevin helped us with the presentation part. After some final touch-ups the next day, we were ready for the presentation.
Each presentation was supposed to be completed within 5 minutes (yeah, I know, it's a race against time). Our team gave their best shot; however, unfortunately we were not able to stay within the time frame. There was one more team competing with us on the same project, and they were well within time and their tool was well built. It had a web interface, whereas we made a CLI tool. We almost thought that we were going to lose the 1st round. However, to our great surprise we qualified among the top 4 out of the 9 teams and we were overjoyed about the fact. Finally, in the final round, our team didn't make it, but we could all feel the energy and pride in our team for making it to the semis 😁. Kudos to the top 2 teams, their project was great and their presentation was just awesome.