We are Recruiting!

Yes! We are actively recruiting individuals from the MD/DC/VA area for both online, on-site, and wireless CTFs.

To join our team solve this simple puzzle/captcha to find our New Member Orientation which contains a link to our discord server.

aHR0cHM6Ly9nb28uZ2wvNjJFVmpD


Tuesday, July 15, 2014

CTF365

Crimson Agents is on CTF365.  CTF365 is a security training platform that proposes a new approach to Capture the Flag (CTF) competition. It's currently in beta, as such much of the platform is in flux as teams determine how to use this new platform and Crimson Agents is using CTF365 for a variety of benifits.

Bug Hunting

 "Given enough eyeballs, all bugs are shallow" - Eric Raymond

By hosting content and asking a sizable community to "do your worst" we should be able to find bugs for extremely small projects that lack the security resources needed. We currently have a beta version of UnallocatedSpace's future site with the hope of finding a few bugs prior to its full deployment.




To support registration (and to find bugs in other software), we have a webmail server that will soon allow self-registration, and we'll provide instructions to assist testers with documentation for full coverage testing of the applications. Our team fortress is on 10.194.0.44



Tool Development

Having a large and diverse pen-test lab is beneficial for anyone developing or testing tools. CTF365 augments a personal lab with a large environment maintained by other people, ensuring a diverse set of targets. Crimson Agents will be using CTF365 both to ensure the robustness of our tools and to compare results from multiple tools.

Honeypot Research

The oldest way to learn is by observing others. The Crimson Agent's fortress will also include various honeypots to analyze recon and attack methodologies.

Team Practice

Currently the best way to practice for CTFs is to participate in them. This is analogous to saying, the best way to train an army is to fight in a lot of wars. CTF365 provides a flexible and dynamic environment to practice as a team, build cohesion, and solidify roles and expectations prior to being flung into a chaotic and stressful competition. Crimson Agents will be training on CTF365 prior to each CTF to test out team strategies and infrastructure, and perhaps find a few security bugs in the process.

About Crimson Agents

Formed in 2013, Crimson Agents is a DC based recreational security team that competes in various computer security wargames and hacker jeopardy contests. Our team comprised of various professionals seeking to practice and enhance our skills in penetration testing, vulnerability development, computer network defense, forensics, and reverse engineering. In addition to exploitation based CTFs, we also compete in Wireless CTFs with several members who focus solely in this domain. Our sister team Threat Inc focuses on defensive exercises such as malware analysis, forensics, honeypots, and network captures. We reuse what we learn from our "Blue Team" research to make our "Red Team" operations more effective and vice-versa.